use uniquemember instead of deprecated memberuid to identify LDAP group members. Attention: not every method is adjusted yet, so it breaks some things.
This commit is contained in:
Arthur Schiwon
parent
a82d709f87
commit
0933b5e7ab
|
|
@ -25,12 +25,10 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
// //group specific settings
|
// //group specific settings
|
||||||
protected $ldapGroupFilter;
|
protected $ldapGroupFilter;
|
||||||
protected $ldapGroupDisplayName;
|
protected $ldapGroupDisplayName;
|
||||||
protected $ldapGroupMemberAttr;
|
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
$this->ldapGroupFilter = OC_Appconfig::getValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
|
$this->ldapGroupFilter = OC_Appconfig::getValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
|
||||||
$this->ldapGroupDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_group_display_name', 'cn');
|
$this->ldapGroupDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_group_display_name', 'cn');
|
||||||
$this->ldapGroupMemberAttr = OC_Appconfig::getValue('user_ldap', 'ldap_group_member_attr', 'memberUid');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -83,7 +81,17 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
$this->ldapGroupDisplayName.'='.$gid
|
$this->ldapGroupDisplayName.'='.$gid
|
||||||
));
|
));
|
||||||
|
|
||||||
return $this->retrieveList($filter, $this->ldapGroupMemberAttr, false);
|
$userDNs = $this->retrieveList($filter, LDAP_GROUP_MEMBER_ASSOC_ATTR, false);
|
||||||
|
$users = array();
|
||||||
|
$attr = OC_LDAP::conf('ldapUserDisplayName');
|
||||||
|
foreach($userDNs as $dn) {
|
||||||
|
$uid = OC_LDAP::readAttribute($dn, $attr);
|
||||||
|
if($uid) {
|
||||||
|
// if(($uid = OC_LDAP::readAttribute($dn, $attr)) != false){
|
||||||
|
$users[] = $uid;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $users;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
define('LDAP_GROUP_MEMBER_ASSOC_ATTR','memberUid');
|
define('LDAP_GROUP_MEMBER_ASSOC_ATTR','uniquemember');
|
||||||
|
|
||||||
//needed to unbind, because we use OC_LDAP only statically
|
//needed to unbind, because we use OC_LDAP only statically
|
||||||
class OC_LDAP_DESTRUCTOR {
|
class OC_LDAP_DESTRUCTOR {
|
||||||
|
|
@ -66,6 +66,27 @@ class OC_LDAP {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief reads a given attribute for an LDAP record identified by a DN
|
||||||
|
* @param $dn the record in question
|
||||||
|
* @param $attr the attribute that shall be retrieved
|
||||||
|
* @returns the value on success, false otherwise
|
||||||
|
*
|
||||||
|
* Reads an attribute from an LDAP entry
|
||||||
|
*/
|
||||||
|
static public function readAttribute($dn, $attr) {
|
||||||
|
$attr = strtolower($attr);
|
||||||
|
$cr = self::getConnectionResource();
|
||||||
|
|
||||||
|
$rr = ldap_read($cr, $dn, 'objectClass=*', array($attr));
|
||||||
|
$er = ldap_first_entry($cr, $rr);
|
||||||
|
$result = ldap_get_attributes($cr, $er);
|
||||||
|
if($result['count'] > 0){
|
||||||
|
return $result[$attr][0];
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief executes an LDAP search, optimized for Users
|
* @brief executes an LDAP search, optimized for Users
|
||||||
* @param $filter the LDAP filter for the search
|
* @param $filter the LDAP filter for the search
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue