dolibarr  19.0.0-dev
Public Member Functions | Public Attributes | Private Member Functions | List of all members
Ldap Class Reference

Class to manage LDAP features. More...

Collaboration diagram for Ldap:
Collaboration graph
[legend]

Public Member Functions

 __construct ()
 Constructor.
 
 connect_bind ()
 Connect and bind Use this->server, this->serverPort, this->ldapProtocolVersion, this->serverType, this->searchUser, this->searchPassword After return, this->connection and $this->bind are defined. More...
 
 close ()
 Simply closes the connection set up earlier. More...
 
 bind ()
 Anonymously binds to the connection. More...
 
 bindauth ($bindDn, $pass)
 Binds as an authenticated user, which usually allows for write access. More...
 
 unbind ()
 Unbind of LDAP server (close connection). More...
 
 getVersion ()
 Verification de la version du serveur ldap. More...
 
 setVersion ()
 Change ldap protocol version to use. More...
 
 setReferrals ()
 changement du referrals. More...
 
 add ($dn, $info, $user)
 Add a LDAP entry Ldap object connect and bind must have been done. More...
 
 modify ($dn, $info, $user)
 Modify a LDAP entry Ldap object connect and bind must have been done. More...
 
 rename ($dn, $newrdn, $newparent, $user, $deleteoldrdn=true)
 Rename a LDAP entry Ldap object connect and bind must have been done. More...
 
 update ($dn, $info, $user, $olddn, $newrdn=false, $newparent=false)
 Modify a LDAP entry (to use if dn != olddn) Ldap object connect and bind must have been done. More...
 
 delete ($dn)
 Delete a LDAP entry Ldap object connect and bind must have been done. More...
 
 dump_content ($dn, $info)
 Build a LDAP message. More...
 
 dump ($dn, $info)
 Dump a LDAP message to ldapinput.in file. More...
 
 serverPing ($host, $port=389, $timeout=1)
 Ping a server before ldap_connect for avoid waiting. More...
 
 addAttribute ($dn, $info, $user)
 Add a LDAP attribute in entry Ldap object connect and bind must have been done. More...
 
 updateAttribute ($dn, $info, $user)
 Update a LDAP attribute in entry Ldap object connect and bind must have been done. More...
 
 deleteAttribute ($dn, $info, $user)
 Delete a LDAP attribute in entry Ldap object connect and bind must have been done. More...
 
 getAttribute ($dn, $filter)
 Returns an array containing attributes and values for first record. More...
 
 getAttributeValues ($filterrecord, $attribute)
 Returns an array containing values for an attribute and for first record matching filterrecord. More...
 
 getRecords ($search, $userDn, $useridentifier, $attributeArray, $activefilter=0, $attributeAsArray=array())
 Returns an array containing a details or list of LDAP record(s). More...
 
 littleEndian ($hex)
 Converts a little-endian hex-number to one, that 'hexdec' can convert Required by Active Directory. More...
 
 getObjectSid ($ldapUser)
 Recupere le SID de l'utilisateur Required by Active Directory. More...
 
 binSIDtoText ($binsid)
 Returns the textual SID Indispensable pour Active Directory. More...
 
 search ($checkDn, $filter)
 Fonction de recherche avec filtre this->connection doit etre defini donc la methode bind ou bindauth doit avoir deja ete appelee Ne pas utiliser pour recherche d'une liste donnee de proprietes car conflit majuscule-minuscule. More...
 
 fetch ($user, $filter)
 Load all attribute of a LDAP user. More...
 
 getUserIdentifier ()
 Returns the correct user identifier to use, based on the ldap server type. More...
 
 parseUACF ($uacf)
 UserAccountControl Flgs to more human understandable form... More...
 
 parseSAT ($samtype)
 SamAccountType value to text. More...
 
 convert_time ($value)
 Convertit le temps ActiveDirectory en Unix timestamp. More...
 
 convFromOutputCharset ($str, $pagecodeto='UTF-8')
 Convert a string from output/memory charset. More...
 
 getNextGroupGid ($keygroup='LDAP_KEY_GROUPS')
 Return available value of group GID. More...
 

Public Attributes

 $server = array()
 Tableau des serveurs (IP addresses ou nom d'hotes)
 
 $connectedServer
 Current connected server.
 
 $dn
 Base DN (e.g. More...
 
 $serverType
 type de serveur, actuellement OpenLdap et Active Directory
 
 $ldapProtocolVersion
 Version du protocole ldap.
 
 $domain
 Server DN.
 
 $searchUser
 User administrateur Ldap Active Directory ne supporte pas les connexions anonymes.
 
 $searchPassword
 Mot de passe de l'administrateur Active Directory ne supporte pas les connexions anonymes.
 
 $people
 DN des utilisateurs.
 
 $groups
 DN des groupes.
 
 $ldapErrorCode
 Code erreur retourne par le serveur Ldap.
 
 $ldapErrorText
 Message texte de l'erreur.
 
 $connection
 The internal LDAP connection handle.
 
 $result
 Result of any connections etc.
 
const SYNCHRO_NONE = 0
 No Ldap synchronization.
 
const SYNCHRO_DOLIBARR_TO_LDAP = 1
 Dolibarr to Ldap synchronization.
 
const SYNCHRO_LDAP_TO_DOLIBARR = 2
 Ldap to Dolibarr synchronization.
 

Private Member Functions

 convToOutputCharset ($str, $pagecodefrom='UTF-8')
 Convert a string into output/memory charset. More...
 

Detailed Description

Class to manage LDAP features.

Definition at line 34 of file ldap.class.php.

Member Function Documentation

◆ add()

Ldap::add (   $dn,
  $info,
  $user 
)

Add a LDAP entry Ldap object connect and bind must have been done.

Parameters
string$dnDN entry key
array$infoAttributes array
User$userObjet user that create
Returns
int <0 if KO, >0 if OK

Definition at line 459 of file ldap.class.php.

◆ addAttribute()

Ldap::addAttribute (   $dn,
  $info,
  $user 
)

Add a LDAP attribute in entry Ldap object connect and bind must have been done.

Parameters
string$dnDN entry key
array$infoAttributes array
User$userObjet user that create
Returns
int <0 if KO, >0 if OK

Definition at line 806 of file ldap.class.php.

◆ bind()

Ldap::bind ( )

Anonymously binds to the connection.

After this is done, queries and searches can be done - but read-only.

Returns
boolean true or false

Definition at line 359 of file ldap.class.php.

◆ bindauth()

Ldap::bindauth (   $bindDn,
  $pass 
)

Binds as an authenticated user, which usually allows for write access.

The FULL dn must be passed. For a directory manager, this is "cn=Directory Manager" under iPlanet. For a user, it will be something like "uid=jbloggs,ou=People,dc=foo,dc=com".

Parameters
string$bindDnDN
string$passPassword
Returns
boolean true or false

Definition at line 381 of file ldap.class.php.

Referenced by getObjectSid().

◆ binSIDtoText()

Ldap::binSIDtoText (   $binsid)

Returns the textual SID Indispensable pour Active Directory.

Parameters
string$binsidBinary SID
Returns
string Textual SID

Definition at line 1185 of file ldap.class.php.

◆ close()

Ldap::close ( )

Simply closes the connection set up earlier.

Returns true if OK, false if there was an error. This method seems a duplicate/alias of unbind().

Returns
boolean true or false
Deprecated:
ldap_close is an alias of ldap_unbind, so use unbind() instead.
See also
unbind()

Definition at line 348 of file ldap.class.php.

References unbind().

◆ connect_bind()

Ldap::connect_bind ( )

Connect and bind Use this->server, this->serverPort, this->ldapProtocolVersion, this->serverType, this->searchUser, this->searchPassword After return, this->connection and $this->bind are defined.

Returns
int <0 if KO, 1 if bind anonymous, 2 if bind auth

Definition at line 195 of file ldap.class.php.

◆ convert_time()

Ldap::convert_time (   $value)

Convertit le temps ActiveDirectory en Unix timestamp.

Parameters
string$valueAD time to convert
Returns
integer Unix timestamp

Definition at line 1422 of file ldap.class.php.

◆ convFromOutputCharset()

Ldap::convFromOutputCharset (   $str,
  $pagecodeto = 'UTF-8' 
)

Convert a string from output/memory charset.

Parameters
string$strString to convert
string$pagecodetoPage code for result string
Returns
string Converted string

Definition at line 1459 of file ldap.class.php.

◆ convToOutputCharset()

Ldap::convToOutputCharset (   $str,
  $pagecodefrom = 'UTF-8' 
)
private

Convert a string into output/memory charset.

Parameters
string$strString to convert
string$pagecodefromPage code of src string
Returns
string Converted string

Definition at line 1440 of file ldap.class.php.

◆ delete()

Ldap::delete (   $dn)

Delete a LDAP entry Ldap object connect and bind must have been done.

Parameters
string$dnDN entry key
Returns
int <0 if KO, >0 if OK

Definition at line 659 of file ldap.class.php.

References $dn, and dol_syslog().

◆ deleteAttribute()

Ldap::deleteAttribute (   $dn,
  $info,
  $user 
)

Delete a LDAP attribute in entry Ldap object connect and bind must have been done.

Parameters
string$dnDN entry key
array$infoAttributes array
User$userObjet user that create
Returns
int <0 if KO, >0 if OK

Definition at line 898 of file ldap.class.php.

◆ dump()

Ldap::dump (   $dn,
  $info 
)

Dump a LDAP message to ldapinput.in file.

Parameters
string$dnDN entry key
array$infoAttributes array
Returns
int <0 if KO, >0 if OK

Definition at line 729 of file ldap.class.php.

◆ dump_content()

Ldap::dump_content (   $dn,
  $info 
)

Build a LDAP message.

Parameters
string$dnDN entry key
array$infoAttributes array
Returns
string Content of file

Definition at line 692 of file ldap.class.php.

◆ fetch()

Ldap::fetch (   $user,
  $filter 
)

Load all attribute of a LDAP user.

Parameters
User | string$userNot used.
string$filterFilter for search. Must start with &. Examples: &(objectClass=inetOrgPerson) &(objectClass=user)(objectCategory=person) &(isMemberOf=cn=Sales,ou=Groups,dc=opencsi,dc=com)
Returns
int >0 if OK, <0 if KO

Definition at line 1243 of file ldap.class.php.

◆ getAttribute()

Ldap::getAttribute (   $dn,
  $filter 
)

Returns an array containing attributes and values for first record.

Parameters
string$dnDN entry key
string$filterFilter
Returns
int|array <0 or false if KO, array if OK

Definition at line 942 of file ldap.class.php.

◆ getAttributeValues()

Ldap::getAttributeValues (   $filterrecord,
  $attribute 
)

Returns an array containing values for an attribute and for first record matching filterrecord.

Parameters
string$filterrecordRecord
string$attributeAttributes
Returns
array|boolean

Definition at line 983 of file ldap.class.php.

◆ getNextGroupGid()

Ldap::getNextGroupGid (   $keygroup = 'LDAP_KEY_GROUPS')

Return available value of group GID.

Parameters
string$keygroupKey of group
Returns
int gid number

Definition at line 1478 of file ldap.class.php.

◆ getObjectSid()

Ldap::getObjectSid (   $ldapUser)

Recupere le SID de l'utilisateur Required by Active Directory.

Parameters
string$ldapUserLogin de l'utilisateur
Returns
string Sid

Definition at line 1135 of file ldap.class.php.

References bindauth().

◆ getRecords()

Ldap::getRecords (   $search,
  $userDn,
  $useridentifier,
  $attributeArray,
  $activefilter = 0,
  $attributeAsArray = array() 
)

Returns an array containing a details or list of LDAP record(s).

ldapsearch -LLLx -hlocalhost -Dcn=admin,dc=parinux,dc=org -w password -b "ou=adherents,ou=people,dc=parinux,dc=org" userPassword

Parameters
string$searchValue of field to search, '*' for all. Not used if $activefilter is set.
string$userDnDN (Ex: ou=adherents,ou=people,dc=parinux,dc=org)
string$useridentifierName of key field (Ex: uid).
array$attributeArrayArray of fields required. Note this array must also contains field $useridentifier (Ex: sn,userPassword)
int$activefilter'1' or 'user'=use field this->filter as filter instead of parameter $search, 'group'=use field this->filtergroup as filter, 'member'=use field this->filtermember as filter
array$attributeAsArrayArray of fields wanted as an array not a string
Returns
array|int Array of [id_record][ldap_field]=value

Definition at line 1026 of file ldap.class.php.

◆ getUserIdentifier()

Ldap::getUserIdentifier ( )

Returns the correct user identifier to use, based on the ldap server type.

Returns
string Login

Definition at line 1327 of file ldap.class.php.

◆ getVersion()

Ldap::getVersion ( )

Verification de la version du serveur ldap.

Returns
string version

Definition at line 418 of file ldap.class.php.

◆ littleEndian()

Ldap::littleEndian (   $hex)

Converts a little-endian hex-number to one, that 'hexdec' can convert Required by Active Directory.

Parameters
string$hexHex value
Returns
string Little endian

Definition at line 1118 of file ldap.class.php.

References $result, and dol_strlen().

◆ modify()

Ldap::modify (   $dn,
  $info,
  $user 
)

Modify a LDAP entry Ldap object connect and bind must have been done.

Parameters
string$dnDN entry key
array$infoAttributes array
User$userObjet user that modify
Returns
int <0 if KO, >0 if OK

Definition at line 507 of file ldap.class.php.

◆ parseSAT()

Ldap::parseSAT (   $samtype)

SamAccountType value to text.

Parameters
string$samtypeSamType
Returns
string Sam string

Definition at line 1389 of file ldap.class.php.

◆ parseUACF()

Ldap::parseUACF (   $uacf)

UserAccountControl Flgs to more human understandable form...

Parameters
string$uacfUACF
Returns
array

Definition at line 1342 of file ldap.class.php.

◆ rename()

Ldap::rename (   $dn,
  $newrdn,
  $newparent,
  $user,
  $deleteoldrdn = true 
)

Rename a LDAP entry Ldap object connect and bind must have been done.

Parameters
string$dnOld DN entry key (uid=qqq,ou=xxx,dc=aaa,dc=bbb) (before update)
string$newrdnNew RDN entry key (uid=qqq)
string$newparentNew parent (ou=xxx,dc=aaa,dc=bbb)
User$userObjet user that modify
bool$deleteoldrdnIf true the old RDN value(s) is removed, else the old RDN value(s) is retained as non-distinguished values of the entry.
Returns
int <0 if KO, >0 if OK

Definition at line 565 of file ldap.class.php.

◆ search()

Ldap::search (   $checkDn,
  $filter 
)

Fonction de recherche avec filtre this->connection doit etre defini donc la methode bind ou bindauth doit avoir deja ete appelee Ne pas utiliser pour recherche d'une liste donnee de proprietes car conflit majuscule-minuscule.

A n'utiliser que pour les pages 'Fiche LDAP' qui affiche champ lisibles par defaut.

Parameters
string$checkDnDN de recherche (Ex: ou=users,cn=my-domain,cn=com)
string$filterSearch filter (ex: (sn=nom_personne) )
Returns
array|int Array with answers (key lowercased - value)

Definition at line 1210 of file ldap.class.php.

◆ serverPing()

Ldap::serverPing (   $host,
  $port = 389,
  $timeout = 1 
)

Ping a server before ldap_connect for avoid waiting.

Parameters
string$hostServer host or address
int$portServer port (default 389)
int$timeoutTimeout in second (default 1s)
Returns
boolean true or false

Definition at line 759 of file ldap.class.php.

◆ setReferrals()

Ldap::setReferrals ( )

changement du referrals.

Returns
boolean referrals

Definition at line 442 of file ldap.class.php.

◆ setVersion()

Ldap::setVersion ( )

Change ldap protocol version to use.

Returns
boolean version

Definition at line 430 of file ldap.class.php.

◆ unbind()

Ldap::unbind ( )

Unbind of LDAP server (close connection).

Returns
boolean true or false
See also
close()

Definition at line 399 of file ldap.class.php.

Referenced by close().

◆ update()

Ldap::update (   $dn,
  $info,
  $user,
  $olddn,
  $newrdn = false,
  $newparent = false 
)

Modify a LDAP entry (to use if dn != olddn) Ldap object connect and bind must have been done.

Parameters
string$dnDN entry key
array$infoAttributes array
User$userObjet user that update
string$olddnOld DN entry key (before update)
string$newrdnNew RDN entry key (uid=qqq) (for ldap_rename)
string$newparentNew parent (ou=xxx,dc=aaa,dc=bbb) (for ldap_rename)
Returns
int <0 if KO, >0 if OK

Definition at line 609 of file ldap.class.php.

◆ updateAttribute()

Ldap::updateAttribute (   $dn,
  $info,
  $user 
)

Update a LDAP attribute in entry Ldap object connect and bind must have been done.

Parameters
string$dnDN entry key
array$infoAttributes array
User$userObjet user that create
Returns
int <0 if KO, >0 if OK

Definition at line 852 of file ldap.class.php.

Member Data Documentation

◆ $dn

Ldap::$dn

Base DN (e.g.

"dc=foo,dc=com")

Definition at line 59 of file ldap.class.php.

Referenced by delete().


The documentation for this class was generated from the following file: