use uniquemember instead of deprecated memberuid to identify LDAP group members. Attention: not every method is adjusted yet, so it breaks some things.
This commit is contained in:
Arthur Schiwon
parent
a82d709f87
commit
0933b5e7ab
|
|
@ -25,12 +25,10 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
|||
// //group specific settings
|
||||
protected $ldapGroupFilter;
|
||||
protected $ldapGroupDisplayName;
|
||||
protected $ldapGroupMemberAttr;
|
||||
|
||||
public function __construct() {
|
||||
$this->ldapGroupFilter = OC_Appconfig::getValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
|
||||
$this->ldapGroupDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_group_display_name', 'cn');
|
||||
$this->ldapGroupMemberAttr = OC_Appconfig::getValue('user_ldap', 'ldap_group_member_attr', 'memberUid');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -83,7 +81,17 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
|||
$this->ldapGroupDisplayName.'='.$gid
|
||||
));
|
||||
|
||||
return $this->retrieveList($filter, $this->ldapGroupMemberAttr, false);
|
||||
$userDNs = $this->retrieveList($filter, LDAP_GROUP_MEMBER_ASSOC_ATTR, false);
|
||||
$users = array();
|
||||
$attr = OC_LDAP::conf('ldapUserDisplayName');
|
||||
foreach($userDNs as $dn) {
|
||||
$uid = OC_LDAP::readAttribute($dn, $attr);
|
||||
if($uid) {
|
||||
// if(($uid = OC_LDAP::readAttribute($dn, $attr)) != false){
|
||||
$users[] = $uid;
|
||||
}
|
||||
}
|
||||
return $users;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@
|
|||
*
|
||||
*/
|
||||
|
||||
define('LDAP_GROUP_MEMBER_ASSOC_ATTR','memberUid');
|
||||
define('LDAP_GROUP_MEMBER_ASSOC_ATTR','uniquemember');
|
||||
|
||||
//needed to unbind, because we use OC_LDAP only statically
|
||||
class OC_LDAP_DESTRUCTOR {
|
||||
|
|
@ -66,6 +66,27 @@ class OC_LDAP {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief reads a given attribute for an LDAP record identified by a DN
|
||||
* @param $dn the record in question
|
||||
* @param $attr the attribute that shall be retrieved
|
||||
* @returns the value on success, false otherwise
|
||||
*
|
||||
* Reads an attribute from an LDAP entry
|
||||
*/
|
||||
static public function readAttribute($dn, $attr) {
|
||||
$attr = strtolower($attr);
|
||||
$cr = self::getConnectionResource();
|
||||
|
||||
$rr = ldap_read($cr, $dn, 'objectClass=*', array($attr));
|
||||
$er = ldap_first_entry($cr, $rr);
|
||||
$result = ldap_get_attributes($cr, $er);
|
||||
if($result['count'] > 0){
|
||||
return $result[$attr][0];
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief executes an LDAP search, optimized for Users
|
||||
* @param $filter the LDAP filter for the search
|
||||
|
|
|
|||
Loading…
Reference in New Issue