Class to manage LDAP features. More...
Public Member Functions | |
| __construct () | |
| Constructor. | |
| connect_bind () | |
| Connect and bind Use this->server, this->serverPort, this->ldapProtocolVersion, this->serverType, this->searchUser, this->searchPassword After return, this->connection and $this->bind are defined. | |
| close () | |
| Simply closes the connection set up earlier. | |
| bind () | |
| Anonymously binds to the connection. | |
| bindauth ($bindDn, $pass) | |
| Binds as an authenticated user, which usually allows for write access. | |
| unbind () | |
| Unbind of LDAP server (close connection). | |
| getVersion () | |
| Verification de la version du serveur ldap. | |
| setVersion () | |
| Change ldap protocol version to use. | |
| setReferrals () | |
| changement du referrals. | |
| add ($dn, $info, $user) | |
| Add a LDAP entry Ldap object connect and bind must have been done. | |
| modify ($dn, $info, $user) | |
| Modify a LDAP entry Ldap object connect and bind must have been done. | |
| rename ($dn, $newrdn, $newparent, $user, $deleteoldrdn=true) | |
| Rename a LDAP entry Ldap object connect and bind must have been done. | |
| update ($dn, $info, $user, $olddn, $newrdn=false, $newparent=false) | |
| Modify a LDAP entry (to use if dn != olddn) Ldap object connect and bind must have been done. | |
| delete ($dn) | |
| Delete a LDAP entry Ldap object connect and bind must have been done. | |
| dump_content ($dn, $info) | |
| Build a LDAP message. | |
| dump ($dn, $info) | |
| Dump a LDAP message to ldapinput.in file. | |
| serverPing ($host, $port=389, $timeout=1) | |
| Ping a server before ldap_connect for avoid waiting. | |
| addAttribute ($dn, $info, $user) | |
| Add a LDAP attribute in entry Ldap object connect and bind must have been done. | |
| updateAttribute ($dn, $info, $user) | |
| Update a LDAP attribute in entry Ldap object connect and bind must have been done. | |
| deleteAttribute ($dn, $info, $user) | |
| Delete a LDAP attribute in entry Ldap object connect and bind must have been done. | |
| getAttribute ($dn, $filter) | |
| Returns an array containing attributes and values for first record. | |
| getAttributeValues ($filterrecord, $attribute) | |
| Returns an array containing values for an attribute and for first record matching filterrecord. | |
| getRecords ($search, $userDn, $useridentifier, $attributeArray, $activefilter=0, $attributeAsArray=array()) | |
| Returns an array containing a details or list of LDAP record(s). | |
| littleEndian ($hex) | |
| Converts a little-endian hex-number to one, that 'hexdec' can convert Required by Active Directory. | |
| getObjectSid ($ldapUser) | |
| Recupere le SID de l'utilisateur Required by Active Directory. | |
| binSIDtoText ($binsid) | |
| Returns the textual SID Indispensable pour Active Directory. | |
| search ($checkDn, $filter) | |
| Fonction de recherche avec filtre this->connection doit etre defini donc la methode bind ou bindauth doit avoir deja ete appelee Ne pas utiliser pour recherche d'une liste donnee de proprietes car conflit majuscule-minuscule. | |
| fetch ($user, $filter) | |
| Load all attribute of a LDAP user. | |
| getUserIdentifier () | |
| Returns the correct user identifier to use, based on the ldap server type. | |
| parseUACF ($uacf) | |
| UserAccountControl Flgs to more human understandable form... | |
| parseSAT ($samtype) | |
| SamAccountType value to text. | |
| convert_time ($value) | |
| Convertit le temps ActiveDirectory en Unix timestamp. | |
| convFromOutputCharset ($str, $pagecodeto='UTF-8') | |
| Convert a string from output/memory charset. | |
| getNextGroupGid ($keygroup='LDAP_KEY_GROUPS') | |
| Return available value of group GID. | |
Public Attributes | |
| $server = array() | |
| Tableau des serveurs (IP addresses ou nom d'hotes) | |
| $connectedServer | |
| Current connected server. | |
| $dn | |
| Base DN (e.g. | |
| $serverType | |
| type de serveur, actuellement OpenLdap et Active Directory | |
| $ldapProtocolVersion | |
| Version du protocole ldap. | |
| $domain | |
| Server DN. | |
| $searchUser | |
| User administrateur Ldap Active Directory ne supporte pas les connexions anonymes. | |
| $searchPassword | |
| Mot de passe de l'administrateur Active Directory ne supporte pas les connexions anonymes. | |
| $people | |
| DN des utilisateurs. | |
| $groups | |
| DN des groupes. | |
| $ldapErrorCode | |
| Code erreur retourne par le serveur Ldap. | |
| $ldapErrorText | |
| Message texte de l'erreur. | |
| $connection | |
| The internal LDAP connection handle. | |
| $result | |
| Result of any connections etc. | |
| const | SYNCHRO_NONE = 0 |
| No Ldap synchronization. | |
| const | SYNCHRO_DOLIBARR_TO_LDAP = 1 |
| Dolibarr to Ldap synchronization. | |
| const | SYNCHRO_LDAP_TO_DOLIBARR = 2 |
| Ldap to Dolibarr synchronization. | |
Private Member Functions | |
| convToOutputCharset ($str, $pagecodefrom='UTF-8') | |
| Convert a string into output/memory charset. | |
Detailed Description
Class to manage LDAP features.
Definition at line 34 of file ldap.class.php.
Member Function Documentation
◆ add()
| Ldap::add | ( | $dn, | |
| $info, | |||
| $user ) |
Add a LDAP entry Ldap object connect and bind must have been done.
- Parameters
-
string $dn DN entry key array $info Attributes array User $user Objet user that create
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 551 of file ldap.class.php.
References $dn, $ldapErrorText, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().
Referenced by update().
◆ addAttribute()
| Ldap::addAttribute | ( | $dn, | |
| $info, | |||
| $user ) |
Add a LDAP attribute in entry Ldap object connect and bind must have been done.
- Parameters
-
string $dn DN entry key array $info Attributes array User $user Objet user that create
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 898 of file ldap.class.php.
References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().
◆ bind()
| Ldap::bind | ( | ) |
Anonymously binds to the connection.
After this is done, queries and searches can be done - but read-only.
- Returns
- boolean true or false
Definition at line 439 of file ldap.class.php.
References $ldapErrorText.
Referenced by add(), addAttribute(), connect_bind(), delete(), deleteAttribute(), getAttribute(), modify(), rename(), update(), and updateAttribute().
◆ bindauth()
| Ldap::bindauth | ( | $bindDn, | |
| $pass ) |
Binds as an authenticated user, which usually allows for write access.
The FULL dn must be passed. For a directory manager, this is "cn=Directory Manager" under iPlanet. For a user, it will be something like "uid=jbloggs,ou=People,dc=foo,dc=com".
- Parameters
-
string $bindDn DN string $pass Password
- Returns
- boolean true or false
Definition at line 461 of file ldap.class.php.
References $ldapErrorText.
Referenced by connect_bind(), fetch(), getObjectSid(), getRecords(), and search().
◆ binSIDtoText()
| Ldap::binSIDtoText | ( | $binsid | ) |
Returns the textual SID Indispensable pour Active Directory.
- Parameters
-
string $binsid Binary SID
- Returns
- string Textual SID
Definition at line 1277 of file ldap.class.php.
References $result, and littleEndian().
Referenced by getObjectSid().
◆ close()
| Ldap::close | ( | ) |
Simply closes the connection set up earlier.
Returns true if OK, false if there was an error. This method seems a duplicate/alias of unbind().
- Returns
- boolean true or false
- Deprecated
- ldap_close is an alias of ldap_unbind, so use unbind() instead.
- See also
- unbind()
Definition at line 428 of file ldap.class.php.
References unbind().
◆ connect_bind()
| Ldap::connect_bind | ( | ) |
Connect and bind Use this->server, this->serverPort, this->ldapProtocolVersion, this->serverType, this->searchUser, this->searchPassword After return, this->connection and $this->bind are defined.
- Returns
- int Return integer <0 if KO, 1 if bind anonymous, 2 if bind auth
Definition at line 265 of file ldap.class.php.
References $result, bind(), bindauth(), dol_syslog(), getDolGlobalString(), serverPing(), setReferrals(), setVersion(), and unbind().
◆ convert_time()
| Ldap::convert_time | ( | $value | ) |
Convertit le temps ActiveDirectory en Unix timestamp.
- Parameters
-
string $value AD time to convert
- Returns
- integer Unix timestamp
Definition at line 1514 of file ldap.class.php.
Referenced by fetch().
◆ convFromOutputCharset()
| Ldap::convFromOutputCharset | ( | $str, | |
| $pagecodeto = 'UTF-8' ) |
Convert a string from output/memory charset.
- Parameters
-
string $str String to convert string $pagecodeto Page code for result string
- Returns
- string Converted string
Definition at line 1551 of file ldap.class.php.
Referenced by add(), addAttribute(), delete(), deleteAttribute(), modify(), rename(), search(), and updateAttribute().
◆ convToOutputCharset()
|
private |
Convert a string into output/memory charset.
- Parameters
-
string $str String to convert string $pagecodefrom Page code of src string
- Returns
- string Converted string
Definition at line 1532 of file ldap.class.php.
Referenced by fetch(), and getRecords().
◆ delete()
| Ldap::delete | ( | $dn | ) |
Delete a LDAP entry Ldap object connect and bind must have been done.
- Parameters
-
string $dn DN entry key
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 751 of file ldap.class.php.
References $dn, $result, bind(), convFromOutputCharset(), and dol_syslog().
◆ deleteAttribute()
| Ldap::deleteAttribute | ( | $dn, | |
| $info, | |||
| $user ) |
Delete a LDAP attribute in entry Ldap object connect and bind must have been done.
- Parameters
-
string $dn DN entry key array $info Attributes array User $user Objet user that create
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 990 of file ldap.class.php.
References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().
◆ dump()
| Ldap::dump | ( | $dn, | |
| $info ) |
Dump a LDAP message to ldapinput.in file.
- Parameters
-
string $dn DN entry key array $info Attributes array
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 821 of file ldap.class.php.
References $dn, $result, dol_mkdir(), dolChmod(), and dump_content().
Referenced by add(), addAttribute(), deleteAttribute(), modify(), and updateAttribute().
◆ dump_content()
| Ldap::dump_content | ( | $dn, | |
| $info ) |
Build a LDAP message.
- Parameters
-
string $dn DN entry key array $info Attributes array
- Returns
- string Content of file
Definition at line 784 of file ldap.class.php.
Referenced by dump().
◆ fetch()
| Ldap::fetch | ( | $user, | |
| $filter ) |
Load all attribute of a LDAP user.
- Parameters
-
User | string $user Not used. string $filter Filter for search. Must start with &. Examples: &(objectClass=inetOrgPerson) &(objectClass=user)(objectCategory=person) &(isMemberOf=cn=Sales,ou=Groups,dc=opencsi,dc=com)
- Returns
- int >0 if OK, <0 if KO
Definition at line 1335 of file ldap.class.php.
References $domain, $people, $result, bindauth(), convert_time(), convToOutputCharset(), dol_syslog(), name, and parseUACF().
◆ getAttribute()
| Ldap::getAttribute | ( | $dn, | |
| $filter ) |
Returns an array containing attributes and values for first record.
- Parameters
-
string $dn DN entry key string $filter Filter
- Returns
- int|array Return integer <0 or false if KO, array if OK
Definition at line 1034 of file ldap.class.php.
◆ getAttributeValues()
| Ldap::getAttributeValues | ( | $filterrecord, | |
| $attribute ) |
Returns an array containing values for an attribute and for first record matching filterrecord.
- Parameters
-
string $filterrecord Record string $attribute Attributes
- Returns
- array|boolean
Definition at line 1075 of file ldap.class.php.
◆ getNextGroupGid()
| Ldap::getNextGroupGid | ( | $keygroup = 'LDAP_KEY_GROUPS' | ) |
Return available value of group GID.
- Parameters
-
string $keygroup Key of group
- Returns
- int gid number
Definition at line 1570 of file ldap.class.php.
References $result, getDolGlobalString(), and search().
◆ getObjectSid()
| Ldap::getObjectSid | ( | $ldapUser | ) |
Recupere le SID de l'utilisateur Required by Active Directory.
- Parameters
-
string $ldapUser Login de l'utilisateur
- Returns
- string Sid
Definition at line 1227 of file ldap.class.php.
References $domain, $people, bindauth(), and binSIDtoText().
Referenced by getRecords().
◆ getRecords()
| Ldap::getRecords | ( | $search, | |
| $userDn, | |||
| $useridentifier, | |||
| $attributeArray, | |||
| $activefilter = 0, | |||
| $attributeAsArray = array() ) |
Returns an array containing a details or list of LDAP record(s).
ldapsearch -LLLx -hlocalhost -Dcn=admin,dc=parinux,dc=org -w password -b "ou=adherents,ou=people,dc=parinux,dc=org" userPassword
- Parameters
-
string $search Value of field to search, '*' for all. Not used if $activefilter is set. string $userDn DN (Ex: ou=adherents,ou=people,dc=parinux,dc=org) string $useridentifier Name of key field (Ex: uid). array $attributeArray Array of fields required. Note this array must also contains field $useridentifier (Ex: sn,userPassword) int $activefilter '1' or 'user'=use field this->filter as filter instead of parameter $search, 'group'=use field this->filtergroup as filter, 'member'=use field this->filtermember as filter array $attributeAsArray Array of fields wanted as an array not a string
- Returns
- array|int Array of [id_record][ldap_field]=value
Definition at line 1118 of file ldap.class.php.
References bindauth(), convToOutputCharset(), dol_syslog(), and getObjectSid().
◆ getUserIdentifier()
| Ldap::getUserIdentifier | ( | ) |
Returns the correct user identifier to use, based on the ldap server type.
- Returns
- string Login
Definition at line 1419 of file ldap.class.php.
◆ getVersion()
| Ldap::getVersion | ( | ) |
Verification de la version du serveur ldap.
- Returns
- string version
Definition at line 510 of file ldap.class.php.
◆ littleEndian()
| Ldap::littleEndian | ( | $hex | ) |
Converts a little-endian hex-number to one, that 'hexdec' can convert Required by Active Directory.
- Parameters
-
string $hex Hex value
- Returns
- string Little endian
Definition at line 1210 of file ldap.class.php.
References $result, and dol_strlen().
Referenced by binSIDtoText().
◆ modify()
| Ldap::modify | ( | $dn, | |
| $info, | |||
| $user ) |
Modify a LDAP entry Ldap object connect and bind must have been done.
- Parameters
-
string $dn DN entry key array $info Attributes array User $user Objet user that modify
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 599 of file ldap.class.php.
References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().
Referenced by update().
◆ parseSAT()
| Ldap::parseSAT | ( | $samtype | ) |
SamAccountType value to text.
- Parameters
-
string $samtype SamType
- Returns
- string Sam string
Definition at line 1481 of file ldap.class.php.
◆ parseUACF()
| Ldap::parseUACF | ( | $uacf | ) |
UserAccountControl Flgs to more human understandable form...
- Parameters
-
string $uacf UACF
- Returns
- array
Definition at line 1434 of file ldap.class.php.
Referenced by fetch().
◆ rename()
| Ldap::rename | ( | $dn, | |
| $newrdn, | |||
| $newparent, | |||
| $user, | |||
| $deleteoldrdn = true ) |
Rename a LDAP entry Ldap object connect and bind must have been done.
- Parameters
-
string $dn Old DN entry key (uid=qqq,ou=xxx,dc=aaa,dc=bbb) (before update) string $newrdn New RDN entry key (uid=qqq) string $newparent New parent (ou=xxx,dc=aaa,dc=bbb) User $user Objet user that modify bool $deleteoldrdn If true the old RDN value(s) is removed, else the old RDN value(s) is retained as non-distinguished values of the entry.
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 657 of file ldap.class.php.
References $dn, $result, bind(), convFromOutputCharset(), and dol_syslog().
Referenced by update().
◆ search()
| Ldap::search | ( | $checkDn, | |
| $filter ) |
Fonction de recherche avec filtre this->connection doit etre defini donc la methode bind ou bindauth doit avoir deja ete appelee Ne pas utiliser pour recherche d'une liste donnee de proprietes car conflit majuscule-minuscule.
A n'utiliser que pour les pages 'Fiche LDAP' qui affiche champ lisibles par defaut.
- Parameters
-
string $checkDn DN de recherche (Ex: ou=users,cn=my-domain,cn=com) string $filter Search filter (ex: (sn=nom_personne) )
- Returns
- array|int Array with answers (key lowercased - value)
Definition at line 1302 of file ldap.class.php.
References $result, bindauth(), convFromOutputCharset(), and dol_syslog().
Referenced by getNextGroupGid().
◆ serverPing()
| Ldap::serverPing | ( | $host, | |
| $port = 389, | |||
| $timeout = 1 ) |
Ping a server before ldap_connect for avoid waiting.
- Parameters
-
string $host Server host or address int $port Server port (default 389) int $timeout Timeout in second (default 1s)
- Returns
- boolean true or false
Definition at line 851 of file ldap.class.php.
Referenced by connect_bind().
◆ setReferrals()
| Ldap::setReferrals | ( | ) |
changement du referrals.
- Returns
- boolean referrals
Definition at line 534 of file ldap.class.php.
Referenced by connect_bind().
◆ setVersion()
| Ldap::setVersion | ( | ) |
Change ldap protocol version to use.
- Returns
- boolean version
Definition at line 522 of file ldap.class.php.
Referenced by connect_bind().
◆ unbind()
| Ldap::unbind | ( | ) |
Unbind of LDAP server (close connection).
- Returns
- boolean true or false
- See also
- close()
Definition at line 479 of file ldap.class.php.
References dol_syslog().
Referenced by close(), and connect_bind().
◆ update()
| Ldap::update | ( | $dn, | |
| $info, | |||
| $user, | |||
| $olddn, | |||
| $newrdn = false, | |||
| $newparent = false ) |
Modify a LDAP entry (to use if dn != olddn) Ldap object connect and bind must have been done.
- Parameters
-
string $dn DN entry key array $info Attributes array User $user Objet user that update string $olddn Old DN entry key (before update) string $newrdn New RDN entry key (uid=qqq) (for ldap_rename) string $newparent New parent (ou=xxx,dc=aaa,dc=bbb) (for ldap_rename)
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 701 of file ldap.class.php.
References $dn, $result, add(), bind(), dol_syslog(), modify(), and rename().
◆ updateAttribute()
| Ldap::updateAttribute | ( | $dn, | |
| $info, | |||
| $user ) |
Update a LDAP attribute in entry Ldap object connect and bind must have been done.
- Parameters
-
string $dn DN entry key array $info Attributes array User $user Objet user that create
- Returns
- int Return integer <0 if KO, >0 if OK
Definition at line 944 of file ldap.class.php.
References $dn, $result, bind(), convFromOutputCharset(), dol_syslog(), and dump().
Member Data Documentation
◆ $dn
| Ldap::$dn |
Base DN (e.g.
"dc=foo,dc=com")
Definition at line 64 of file ldap.class.php.
Referenced by add(), addAttribute(), delete(), deleteAttribute(), dump(), getAttribute(), modify(), rename(), update(), and updateAttribute().
The documentation for this class was generated from the following file:
- dolibarr_19.0/htdocs/core/class/ldap.class.php
Generated on Wed Sep 4 2024 01:00:29 for dolibarr by Doxygen 1.11.0