47 public $errors = array();
52 public $server = array();
57 public $connectedServer;
78 public $ldapProtocolVersion;
104 public $searchPassword;
119 public $ldapErrorCode;
124 public $ldapErrorText;
139 public $filtermember;
149 public $attr_sambalogin;
159 public $attr_firstname;
240 public $ldapcharset =
'UTF-8';
255 const SYNCHRO_NONE = 0;
260 const SYNCHRO_DOLIBARR_TO_LDAP = 1;
265 const SYNCHRO_LDAP_TO_DOLIBARR = 2;
318 global $dolibarr_main_auth_ldap_debug;
323 $this->connectedServer =
'';
325 $ldapdebug = ((empty($dolibarr_main_auth_ldap_debug) || $dolibarr_main_auth_ldap_debug ==
"false") ?
false :
true);
329 print
"DEBUG: connectBind<br>\n";
333 if (count($this->server) == 0 || empty($this->server[0])) {
334 $this->error =
'LDAP setup (file conf.php) is not complete';
335 dol_syslog(get_class($this).
"::connectBind ".$this->error, LOG_WARNING);
339 if (!function_exists(
"ldap_connect")) {
340 $this->error =
'LDAPFunctionsNotAvailableOnPHP';
341 dol_syslog(get_class($this).
"::connectBind ".$this->error, LOG_WARNING);
345 if (empty($this->error)) {
347 foreach ($this->server as $host) {
355 if ($this->
serverPing($host, $this->serverPort)) {
357 dol_syslog(get_class($this).
"::connectBind serverPing true, we try ldap_connect to ".$host, LOG_DEBUG);
359 if (version_compare(PHP_VERSION,
'8.3.0',
'>=')) {
360 $uri = $host.
':'.$this->serverPort;
361 $this->connection = ldap_connect($uri);
363 $this->connection = ldap_connect($host, $this->serverPort);
366 if (preg_match(
'/^ldaps/i', $host)) {
370 dol_syslog(get_class($this).
"::connectBind serverPing false, we try ldap_connect to ".$host, LOG_DEBUG);
372 if (version_compare(PHP_VERSION,
'8.3.0',
'>=')) {
373 $uri = $host.
':'.$this->serverPort;
374 $this->connection = ldap_connect($uri);
376 $this->connection = ldap_connect($host, $this->serverPort);
380 dol_syslog(get_class($this).
"::connectBind serverPing false, no ldap_connect ".$host, LOG_DEBUG);
386 if (is_resource($this->connection) || is_object($this->connection)) {
388 dol_syslog(get_class($this).
"::connectBind this->connection is ok", LOG_DEBUG);
398 $resulttls = ldap_start_tls($this->connection);
400 dol_syslog(get_class($this).
"::connectBind failed to start tls", LOG_WARNING);
401 $this->error =
'ldap_start_tls Failed to start TLS '.ldap_errno($this->connection).
' '.ldap_error($this->connection);
411 if ($this->serverType ==
"activedirectory") {
413 dol_syslog(get_class($this).
"::connectBind try bindauth for activedirectory on ".$host.
" user=".$this->searchUser.
" password=".preg_replace(
'/./',
'*', $this->searchPassword), LOG_DEBUG);
414 $this->result = $this->
bindauth($this->searchUser, $this->searchPassword);
416 $this->
bind = $this->result;
418 $this->connectedServer = $host;
421 $this->error = ldap_errno($this->connection).
' '.ldap_error($this->connection);
425 if ($this->searchUser && $this->searchPassword) {
426 dol_syslog(get_class($this).
"::connectBind try bindauth on ".$host.
" user=".$this->searchUser.
" password=".preg_replace(
'/./',
'*', $this->searchPassword), LOG_DEBUG);
427 $this->result = $this->
bindauth($this->searchUser, $this->searchPassword);
429 $this->
bind = $this->result;
431 $this->connectedServer = $host;
434 $this->error = ldap_errno($this->connection).
' '.ldap_error($this->connection);
439 dol_syslog(get_class($this).
"::connectBind try bind anonymously on ".$host, LOG_DEBUG);
440 $result = $this->
bind();
442 $this->
bind = $this->result;
444 $this->connectedServer = $host;
447 $this->error = ldap_errno($this->connection).
' '.ldap_error($this->connection);
460 dol_syslog(get_class($this).
"::connectBind ".$connected, LOG_DEBUG);
463 $this->error =
'Failed to connect to LDAP'.($this->error ?
': '.$this->error :
'');
464 dol_syslog(get_class($this).
"::connectBind ".$this->error, LOG_WARNING);
490 if (!$this->result = @ldap_bind($this->connection)) {
491 $this->ldapErrorCode = ldap_errno($this->connection);
492 $this->ldapErrorText = ldap_error($this->connection);
493 $this->error = $this->ldapErrorCode.
" ".$this->ldapErrorText;
512 if (!$this->result = @ldap_bind($this->connection, $bindDn, $pass)) {
513 $this->ldapErrorCode = ldap_errno($this->connection);
514 $this->ldapErrorText = ldap_error($this->connection);
515 $this->error = $this->ldapErrorCode.
" ".$this->ldapErrorText;
530 $this->result =
true;
531 if (version_compare(PHP_VERSION,
'8.1.0',
'>=')) {
532 if (is_object($this->connection)) {
534 $this->result = ldap_unbind($this->connection);
535 }
catch (Throwable $exception) {
536 $this->error =
'Failed to unbind LDAP connection: '.$exception;
537 $this->result =
false;
538 dol_syslog(get_class($this).
'::unbind - '.$this->error, LOG_WARNING);
542 if (is_resource($this->connection)) {
544 $this->result = @ldap_unbind($this->connection);
562 @ldap_get_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, $version);
574 return ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, $this->ldapProtocolVersion);
584 return ldap_set_option($this->connection, LDAP_OPT_SIZELIMIT, 0);
595 return ldap_set_option($this->connection, LDAP_OPT_REFERRALS, 0);
608 public function add($dn, $info, $user)
610 dol_syslog(get_class($this).
"::add dn=".$dn.
" info=".print_r($info,
true));
613 if (!$this->connection) {
614 $this->error =
"NotConnected";
618 $this->error =
"NotConnected";
624 foreach ($info as $key => $val) {
625 if (!is_array($val)) {
630 $this->
dump($dn, $info);
633 $result = @ldap_add($this->connection, $dn, $info);
636 dol_syslog(get_class($this).
"::add successful", LOG_DEBUG);
639 $this->ldapErrorCode = @ldap_errno($this->connection);
640 $this->ldapErrorText = @ldap_error($this->connection);
641 $this->error = $this->ldapErrorCode.
" ".$this->ldapErrorText;
642 dol_syslog(get_class($this).
"::add failed: ".$this->error, LOG_ERR);
656 public function modify($dn, $info, $user)
658 dol_syslog(get_class($this).
"::modify dn=".$dn.
" info=".print_r($info,
true));
661 if (!$this->connection) {
662 $this->error =
"NotConnected";
666 $this->error =
"NotConnected";
672 foreach ($info as $key => $val) {
673 if (!is_array($val)) {
678 $this->
dump($dn, $info);
683 if ($this->serverType ==
"activedirectory") {
687 if (isset($info[
'unicodePwd'])) {
688 $info[
'unicodePwd'] = mb_convert_encoding(
"\"".$info[
'unicodePwd'].
"\"",
"UTF-16LE",
"UTF-8");
691 $result = @ldap_mod_replace($this->connection, $dn, $info);
694 dol_syslog(get_class($this).
"::modify successful", LOG_DEBUG);
697 $this->error = @ldap_error($this->connection);
698 dol_syslog(get_class($this).
"::modify failed: ".$this->error, LOG_ERR);
714 public function rename($dn, $newrdn, $newparent, $user, $deleteoldrdn =
true)
716 dol_syslog(get_class($this).
"::modify dn=".$dn.
" newrdn=".$newrdn.
" newparent=".$newparent.
" deleteoldrdn=".($deleteoldrdn ? 1 : 0));
719 if (!$this->connection) {
720 $this->error =
"NotConnected";
724 $this->error =
"NotConnected";
734 $result = @ldap_rename($this->connection, $dn, $newrdn, $newparent, $deleteoldrdn);
737 dol_syslog(get_class($this).
"::rename successful", LOG_DEBUG);
740 $this->error = @ldap_error($this->connection);
741 dol_syslog(get_class($this).
"::rename failed: ".$this->error, LOG_ERR);
758 public function update($dn, $info, $user, $olddn, $newrdn =
'', $newparent =
'')
760 dol_syslog(get_class($this).
"::update dn=".$dn.
" olddn=".$olddn);
763 if (!$this->connection) {
764 $this->error =
"NotConnected";
768 $this->error =
"NotConnected";
772 if (!$olddn || $olddn != $dn) {
773 if (!empty($olddn) && !empty($newrdn) && !empty($newparent) && $this->ldapProtocolVersion ===
'3') {
775 $result = $this->
rename($olddn, $newrdn, $newparent, $user,
true);
776 $result = $this->
modify($dn, $info, $user);
779 $result = $this->
add($dn, $info, $user);
780 if ($result > 0 && $olddn && $olddn != $dn) {
781 $result = $this->
delete($olddn);
786 $result = $this->
add($dn, $info, $user);
787 $result = $this->
modify($dn, $info, $user);
790 $this->error = ldap_error($this->connection).
' (Code '.ldap_errno($this->connection).
") ".$this->error;
791 dol_syslog(get_class($this).
"::update ".$this->error, LOG_ERR);
795 dol_syslog(get_class($this).
"::update done successfully");
808 public function delete($dn)
810 dol_syslog(get_class($this).
"::delete Delete LDAP entry dn=".$dn);
813 if (!$this->connection) {
814 $this->error =
"NotConnected";
818 $this->error =
"NotConnected";
825 $result = @ldap_delete($this->connection, $dn);
846 if (preg_match(
'/^ldap/', $this->server[0])) {
847 $target =
"-H ".implode(
',', $this->server);
849 $target =
"-h ".implode(
',', $this->server).
" -p ".$this->serverPort;
851 $content .=
"# ldapadd $target -c -v -D ".$this->searchUser.
" -W -f ldapinput.in\n";
852 $content .=
"# ldapmodify $target -c -v -D ".$this->searchUser.
" -W -f ldapinput.in\n";
853 $content .=
"# ldapdelete $target -c -v -D ".$this->searchUser.
" -W -f ldapinput.in\n";
854 if (in_array(
'localhost', $this->server)) {
855 $content .=
"# If commands fails to connect, try without -h and -p\n";
857 $content .=
"dn: ".$dn.
"\n";
858 foreach ($info as $key => $value) {
859 if (!is_array($value)) {
860 $content .=
"$key: $value\n";
862 foreach ($value as $valuevalue) {
863 $content .=
"$key: $valuevalue\n";
877 public function dump($dn, $info)
880 $ldapDirTemp = $conf->ldap->dir_temp;
887 $outputfile = $ldapDirTemp.
'/ldapinput.in';
888 $fp = fopen($outputfile,
"w");
890 fwrite($fp, $content);
913 if (preg_match(
'/^ldaps:\/\/([^\/]+)\/?$/', $host, $regs)) {
915 $host =
'ssl://'.$regs[1];
916 } elseif (preg_match(
'/^ldap:\/\/([^\/]+)\/?$/', $host, $regs)) {
925 $errno = $errstr = 0;
934 $op = @fsockopen($host, $port, $errno, $errstr, $timeout);
959 dol_syslog(get_class($this).
"::addAttribute dn=".$dn.
" info=".implode(
',', $info));
962 if (!$this->connection) {
963 $this->error =
"NotConnected";
967 $this->error =
"NotConnected";
973 foreach ($info as $key => $val) {
974 if (!is_array($val)) {
979 $this->
dump($dn, $info);
982 $result = @ldap_mod_add($this->connection, $dn, $info);
985 dol_syslog(get_class($this).
"::add_attribute successful", LOG_DEBUG);
988 $this->error = @ldap_error($this->connection);
989 dol_syslog(get_class($this).
"::add_attribute failed: ".$this->error, LOG_ERR);
1005 dol_syslog(get_class($this).
"::updateAttribute dn=".$dn.
" info=".implode(
',', $info));
1008 if (!$this->connection) {
1009 $this->error =
"NotConnected";
1013 $this->error =
"NotConnected";
1019 foreach ($info as $key => $val) {
1020 if (!is_array($val)) {
1025 $this->
dump($dn, $info);
1028 $result = @ldap_mod_replace($this->connection, $dn, $info);
1031 dol_syslog(get_class($this).
"::updateAttribute successful", LOG_DEBUG);
1034 $this->error = @ldap_error($this->connection);
1035 dol_syslog(get_class($this).
"::updateAttribute failed: ".$this->error, LOG_ERR);
1051 dol_syslog(get_class($this).
"::deleteAttribute dn=".$dn.
" info=".implode(
',', $info));
1054 if (!$this->connection) {
1055 $this->error =
"NotConnected";
1059 $this->error =
"NotConnected";
1065 foreach ($info as $key => $val) {
1066 if (!is_array($val)) {
1071 $this->
dump($dn, $info);
1074 $result = @ldap_mod_del($this->connection, $dn, $info);
1077 dol_syslog(get_class($this).
"::deleteAttribute successful", LOG_DEBUG);
1080 $this->error = @ldap_error($this->connection);
1081 dol_syslog(get_class($this).
"::deleteAttribute failed: ".$this->error, LOG_ERR);
1096 if (!$this->connection) {
1097 $this->error =
"NotConnected";
1101 $this->error =
"NotConnected";
1105 $search = @ldap_search($this->connection, $dn, $filter);
1108 $entry = @ldap_first_entry($this->connection, $search);
1111 $this->ldapErrorCode = -1;
1112 $this->ldapErrorText =
"Couldn't find entry";
1117 if (!($values = ldap_get_attributes($this->connection, $entry))) {
1118 $this->ldapErrorCode = ldap_errno($this->connection);
1119 $this->ldapErrorText = ldap_error($this->connection);
1136 $attributes = array();
1137 $attributes[0] = $attribute;
1140 $this->result = @ldap_search($this->connection, $this->people, $filterrecord, $attributes);
1146 $entry = ldap_first_entry($this->connection, $this->result);
1149 $this->ldapErrorCode = -1;
1150 $this->ldapErrorText =
"Couldn't find user";
1155 if (!$values = @ldap_get_values_len($this->connection, $entry, $attribute)) {
1156 $this->ldapErrorCode = ldap_errno($this->connection);
1157 $this->ldapErrorText = ldap_error($this->connection);
1177 public function getRecords($search, $userDn, $useridentifier, $attributeArray, $activefilter = 0, $attributeAsArray = array())
1179 $fulllist = array();
1181 dol_syslog(get_class($this).
"::getRecords search=".$search.
" userDn=".$userDn.
" useridentifier=".$useridentifier.
" attributeArray=array(".implode(
',', $attributeArray).
") activefilter=".$activefilter);
1184 if ($this->serverType ==
"activedirectory") {
1185 $this->
bindauth($this->searchUser, $this->searchPassword);
1186 dol_syslog(get_class($this).
"::bindauth serverType=activedirectory searchUser=".$this->searchUser);
1190 if (!empty($activefilter)) {
1191 if (((
string) $activefilter ==
'1' || (
string) $activefilter ==
'user') && $this->filter) {
1192 $filter =
'('.$this->filter.
')';
1193 } elseif (((
string) $activefilter ==
'group') && $this->filtergroup) {
1194 $filter =
'('.$this->filtergroup.
')';
1195 } elseif (((
string) $activefilter ==
'member') && $this->filter) {
1196 $filter =
'('.$this->filtermember.
')';
1199 $filter =
'('.ldap_escape($useridentifier,
'', LDAP_ESCAPE_FILTER).
'=*)';
1202 $filter =
'('.ldap_escape($useridentifier,
'', LDAP_ESCAPE_FILTER).
'='.ldap_escape($search,
'', LDAP_ESCAPE_FILTER).
')';
1205 if (is_array($attributeArray)) {
1207 $attributeArray = array_values($attributeArray);
1208 dol_syslog(get_class($this).
"::getRecords connection=".$this->connectedServer.
":".$this->serverPort.
" userDn=".$userDn.
" filter=".$filter.
" attributeArray=(".implode(
',', $attributeArray).
")");
1210 $this->result = @ldap_search($this->connection, $userDn, $filter, $attributeArray);
1213 dol_syslog(get_class($this).
"::getRecords connection=".$this->connectedServer.
":".$this->serverPort.
" userDn=".$userDn.
" filter=".$filter);
1214 $this->result = @ldap_search($this->connection, $userDn, $filter);
1216 if (!$this->result) {
1217 $this->error =
'LDAP search failed: '.ldap_errno($this->connection).
" ".ldap_error($this->connection);
1221 $info = @ldap_get_entries($this->connection, $this->result);
1227 for ($i = 0; $i < $info[
"count"]; $i++) {
1228 $recordid = $this->
convToOutputCharset($info[$i][strtolower($useridentifier)][0], $this->ldapcharset);
1231 $fulllist[$recordid][$useridentifier] = $recordid;
1234 $num = count($attributeArray);
1235 for ($j = 0; $j < $num; $j++) {
1236 $keyattributelower = strtolower($attributeArray[$j]);
1240 if ($this->serverType ==
"activedirectory" && $keyattributelower ==
"objectsid") {
1242 $fulllist[$recordid][$attributeArray[$j]] = $objectsid;
1244 if (in_array($attributeArray[$j], $attributeAsArray) && is_array($info[$i][$keyattributelower])) {
1245 $valueTab = array();
1246 foreach ($info[$i][$keyattributelower] as $key => $value) {
1249 $fulllist[$recordid][$attributeArray[$j]] = $valueTab;
1251 $fulllist[$recordid][$attributeArray[$j]] = $this->
convToOutputCharset($info[$i][$keyattributelower][0], $this->ldapcharset);
1272 for ($x =
dol_strlen($hex) - 2; $x >= 0; $x = $x - 2) {
1273 $result .= substr($hex, $x, 2);
1288 $criteria =
'('.$this->getUserIdentifier().
'='.$ldapUser.
')';
1289 $justthese = array(
"objectsid");
1292 if ($this->serverType ==
"activedirectory") {
1293 $this->
bindauth($this->searchUser, $this->searchPassword);
1297 $searchDN = $this->people;
1300 $ldapSearchResult = @ldap_search($this->connection, $searchDN, $criteria, $justthese);
1302 if (!$ldapSearchResult) {
1303 $this->error = ldap_errno($this->connection).
" ".ldap_error($this->connection);
1307 $entry = ldap_first_entry($this->connection, $ldapSearchResult);
1311 $searchDN = $this->domain;
1320 $ldapBinary = ldap_get_values_len($this->connection, $entry,
"objectsid");
1324 $this->error = ldap_errno($this->connection).
" ".ldap_error($this->connection);
1338 $hex_sid = bin2hex($binsid);
1339 $rev = hexdec(substr($hex_sid, 0, 2));
1340 $subcount = hexdec(substr($hex_sid, 2, 2));
1341 $auth = hexdec(substr($hex_sid, 4, 12));
1342 $result =
"$rev-$auth";
1343 for ($x = 0; $x < $subcount; $x++) {
1344 $result .=
"-".hexdec($this->
littleEndian(substr($hex_sid, 16 + ($x * 8), 8)));
1365 dol_syslog(get_class($this).
"::search checkDn=".$checkDn.
" filter=".$filter);
1371 if ($this->serverType ==
"activedirectory") {
1372 $this->
bindauth($this->searchUser, $this->searchPassword);
1375 $this->result = @ldap_search($this->connection, $checkDn, $filter);
1377 $result = @ldap_get_entries($this->connection, $this->result);
1379 $this->error = ldap_errno($this->connection).
" ".ldap_error($this->connection);
1382 ldap_free_result($this->result);
1401 if ($this->serverType ==
"activedirectory") {
1402 $this->
bindauth($this->searchUser, $this->searchPassword);
1405 $searchDN = $this->people;
1410 dol_syslog(get_class($this).
"::fetch search with searchDN=".$searchDN.
" filter=".$filter);
1411 $this->result = @ldap_search($this->connection, $searchDN, $filter);
1412 if ($this->result) {
1413 $result = @ldap_get_entries($this->connection, $this->result);
1414 if ($result[
'count'] > 0) {
1415 dol_syslog(
'Ldap::fetch search found '.$result[
'count'].
' records');
1417 dol_syslog(
'Ldap::fetch search returns but found no records');
1421 $this->error = ldap_errno($this->connection).
" ".ldap_error($this->connection);
1422 dol_syslog(get_class($this).
"::fetch search fails");
1428 $searchDN = $this->domain;
1436 $this->error = ldap_errno($this->connection).
" ".ldap_error($this->connection);
1440 $this->firstname = $this->
convToOutputCharset($result[0][$this->attr_firstname][0], $this->ldapcharset);
1441 $this->login = $this->
convToOutputCharset($result[0][$this->attr_login][0], $this->ldapcharset);
1442 $this->phone = $this->
convToOutputCharset($result[0][$this->attr_phone][0], $this->ldapcharset);
1443 $this->fax = $this->
convToOutputCharset($result[0][$this->attr_fax][0], $this->ldapcharset);
1444 $this->mail = $this->
convToOutputCharset($result[0][$this->attr_mail][0], $this->ldapcharset);
1445 $this->mobile = $this->
convToOutputCharset($result[0][$this->attr_mobile][0], $this->ldapcharset);
1448 if (isset($result[0][
"pwdlastset"][0])) {
1449 $this->pwdlastset = ($result[0][
"pwdlastset"][0] != 0) ? $this->
convertTime($this->
convToOutputCharset($result[0][
"pwdlastset"][0], $this->ldapcharset)) : 0;
1451 $this->pwdlastset = -1;
1453 if (!$this->
name && !$this->login) {
1454 $this->pwdlastset = -1;
1459 $domain = str_replace(
'dc=',
'', $this->domain);
1460 $domain = str_replace(
',',
'.', $domain);
1461 $this->domainFQDN = $domain;
1465 $this->ldapUserDN = $result[0][
'dn'];
1467 ldap_free_result($this->result);
1482 if ($this->serverType ==
"activedirectory") {
1483 return $this->attr_sambalogin;
1485 return $this->attr_login;
1499 "TRUSTED_TO_AUTH_FOR_DELEGATION" => 16777216,
1500 "PASSWORD_EXPIRED" => 8388608,
1501 "DONT_REQ_PREAUTH" => 4194304,
1502 "USE_DES_KEY_ONLY" => 2097152,
1503 "NOT_DELEGATED" => 1048576,
1504 "TRUSTED_FOR_DELEGATION" => 524288,
1505 "SMARTCARD_REQUIRED" => 262144,
1506 "MNS_LOGON_ACCOUNT" => 131072,
1507 "DONT_EXPIRE_PASSWORD" => 65536,
1508 "SERVER_TRUST_ACCOUNT" => 8192,
1509 "WORKSTATION_TRUST_ACCOUNT" => 4096,
1510 "INTERDOMAIN_TRUST_ACCOUNT" => 2048,
1511 "NORMAL_ACCOUNT" => 512,
1512 "TEMP_DUPLICATE_ACCOUNT" => 256,
1513 "ENCRYPTED_TEXT_PWD_ALLOWED" => 128,
1514 "PASSWD_CANT_CHANGE" => 64,
1515 "PASSWD_NOTREQD" => 32,
1517 "HOMEDIR_REQUIRED" => 8,
1518 "ACCOUNTDISABLE" => 2,
1525 foreach ($flags as $flag => $val) {
1526 if ($uacf >= $val) {
1528 $retval[$val] = $flag;
1545 805306368 =>
"NORMAL_ACCOUNT",
1546 805306369 =>
"WORKSTATION_TRUST",
1547 805306370 =>
"INTERDOMAIN_TRUST",
1548 268435456 =>
"SECURITY_GLOBAL_GROUP",
1549 268435457 =>
"DISTRIBUTION_GROUP",
1550 536870912 =>
"SECURITY_LOCAL_GROUP",
1551 536870913 =>
"DISTRIBUTION_LOCAL_GROUP"
1555 foreach ($stypes as $sat => $val) {
1556 if ($samtype == $sat) {
1561 if (empty($retval)) {
1562 $retval =
"UNKNOWN_TYPE_".$samtype;
1576 $dateLargeInt = $value;
1577 $secsAfterADEpoch = $dateLargeInt / (10000000);
1578 $ADToUnixConvertor = ((1970 - 1601) * 365.242190) * 86400;
1579 $unixTimeStamp = intval($secsAfterADEpoch - $ADToUnixConvertor);
1580 return $unixTimeStamp;
1594 if ($pagecodefrom ==
'ISO-8859-1' && $conf->file->character_set_client ==
'UTF-8') {
1595 $str = mb_convert_encoding($str,
'UTF-8',
'ISO-8859-1');
1597 if ($pagecodefrom ==
'UTF-8' && $conf->file->character_set_client ==
'ISO-8859-1') {
1598 $str = mb_convert_encoding($str,
'ISO-8859-1');
1613 if ($pagecodeto ==
'ISO-8859-1' && $conf->file->character_set_client ==
'UTF-8') {
1614 $str = mb_convert_encoding($str,
'ISO-8859-1');
1616 if ($pagecodeto ==
'UTF-8' && $conf->file->character_set_client ==
'ISO-8859-1') {
1617 $str = mb_convert_encoding($str,
'UTF-8',
'ISO-8859-1');
1632 if (empty($keygroup)) {
1633 $keygroup =
'LDAP_KEY_GROUPS';
1637 $result = $this->
search($this->groups, $search);
1639 $c = $result[
'count'];
1641 for ($i = 0; $i < $c; $i++) {
1642 $gids[] = $result[$i][
'gidnumber'][0];
1646 return $gids[0] + 1;
Class to manage LDAP features.
add($dn, $info, $user)
Add an LDAP entry LDAP object connect and bind must have been done.
convertTime($value)
Converts ActiveDirectory time to Unix timestamp.
modify($dn, $info, $user)
Modify an LDAP entry LDAP object connect and bind must have been done.
deleteAttribute($dn, $info, $user)
Delete an LDAP attribute in entry LDAP object connect and bind must have been done.
setVersion()
Set LDAP protocol version.
convToOutputCharset($str, $pagecodefrom='UTF-8')
Convert a string into output/memory charset.
littleEndian($hex)
Converts a little-endian hex-number to one, that 'hexdec' can convert Required by Active Directory.
fetch($user, $filter)
Load all attributes of an LDAP user.
update($dn, $info, $user, $olddn, $newrdn='', $newparent='')
Modify an LDAP entry (to use if dn != olddn) LDAP object connect and bind must have been done.
getObjectSid($ldapUser)
Gets LDAP user SID.
updateAttribute($dn, $info, $user)
Update an LDAP attribute in entry LDAP object connect and bind must have been done.
getUserIdentifier()
Returns the correct user identifier to use, based on the LDAP server type.
getAttribute($dn, $filter)
Returns an array containing attributes and values for first record.
close()
Simply closes the connection set up earlier.
parseSAT($samtype)
SamAccountType value to text.
rename($dn, $newrdn, $newparent, $user, $deleteoldrdn=true)
Rename an LDAP entry LDAP object connect and bind must have been done.
getNextGroupGid($keygroup='LDAP_KEY_GROUPS')
Return available value of group GID.
setSizeLimit()
Set LDAP size limit.
binSIDtoText($binsid)
Returns the textual SID Required by Active Directory.
connectBind()
Connect and bind Use this->server, this->serverPort, this->ldapProtocolVersion, this->serverType,...
setReferrals()
Set LDAP referrals.
search($checkDn, $filter)
Search method with filter this->connection must be defined.
getRecords($search, $userDn, $useridentifier, $attributeArray, $activefilter=0, $attributeAsArray=array())
Returns an array containing a details or list of LDAP record(s).
getVersion()
Verify LDAP server version.
dumpContent($dn, $info)
Build an LDAP message.
getAttributeValues($filterrecord, $attribute)
Returns an array containing values for an attribute and for first record matching filterrecord.
parseUACF($uacf)
UserAccountControl Flags to more human understandable form...
__construct()
Constructor.
convFromOutputCharset($str, $pagecodeto='UTF-8')
Convert a string from output/memory charset.
serverPing($host, $port=389, $timeout=1)
Ping a server before ldap_connect for avoid waiting.
bind()
Anonymously binds to the connection.
unbind()
Unbind of LDAP server (close connection).
bindauth($bindDn, $pass)
Binds as an authenticated user, which usually allows for write access.
dump($dn, $info)
Dump an LDAP message to ldapinput.in file.
addAttribute($dn, $info, $user)
Add an LDAP attribute in entry LDAP object connect and bind must have been done.
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
dolChmod($filepath, $newmask='')
Change mod of a file.
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
dol_mkdir($dir, $dataroot='', $newmask='')
Creation of a directory (this can create recursive subdir)
$conf db name
Only used if Module[ID]Name translation string is not found.