inlcude AD primary group in user filter, if a group is selected. fixes #12190

This commit is contained in:
Arthur Schiwon 2014-11-17 16:30:50 +01:00
parent 55142186de
commit 323af55b50
1 changed files with 12 additions and 2 deletions

View File

@ -850,13 +850,23 @@ class Wizard extends LDAPUtility {
} }
$base = $this->configuration->ldapBase[0]; $base = $this->configuration->ldapBase[0];
foreach($cns as $cn) { foreach($cns as $cn) {
$rr = $this->ldap->search($cr, $base, 'cn=' . $cn, array('dn')); $rr = $this->ldap->search($cr, $base, 'cn=' . $cn, array('dn', 'primaryGroupToken'));
if(!$this->ldap->isResource($rr)) { if(!$this->ldap->isResource($rr)) {
continue; continue;
} }
$er = $this->ldap->firstEntry($cr, $rr); $er = $this->ldap->firstEntry($cr, $rr);
$attrs = $this->ldap->getAttributes($cr, $er);
$dn = $this->ldap->getDN($cr, $er); $dn = $this->ldap->getDN($cr, $er);
$filter .= '(memberof=' . $dn . ')'; if(empty($dn)) {
continue;
}
$filterPart = '(memberof=' . $dn . ')';
if(isset($attrs['primaryGroupToken'])) {
$pgt = $attrs['primaryGroupToken'][0];
$primaryFilterPart = '(primaryGroupID=' . $pgt .')';
$filterPart = '(|' . $filterPart . $primaryFilterPart . ')';
}
$filter .= $filterPart;
} }
$filter .= ')'; $filter .= ')';
} }