[SIZE=2][SIZE=1][SIZE=2]Hi
Am new to LDAP and PHP.
I have actually gotten through the LDAP User Authentication successfully by using this script below; It works just FINE!
===================================START CODE ===================================================
// onValidate Event
if ({login} == ‘domainadmin’)
{
// Do - Check for existing Admin.
$sqlc = “SELECT count(*) FROM sec_users WHERE (login = '”. substr({login},0, 32) ."’) AND active = ‘Y’";
sc_select(rs, $sqlc);
if({rs} === false || $rs->fields[0] === '0')
{ // Insert Admin with Administrator Privilege if Check fails. (parameters to connect to LDAP)
$str_sqlins = "INSERT INTO sec_users
( login, pswd, name, email, active, priv_admin )
VALUES
('domainadmin', 'spatial@???', 'Administrator', '', 'Y', 'Y')";
sc_exec_sql($str_sqlins);
$rs->Close();
}
$rs->Close();
$server = 'admin.example.com';
$dn = 'dc=example,dc=com';
// $ldaprdn = "cn=".{login}.",".$dn;
$ldaprdn = "uid=".{login}.",ou=people,".$dn;
$ldappass = {pswd};
$filter = '(&(uid=*)(objectClass=inetOrgPerson))';
}
else
{
$server = ‘admin.example.com’;
$dn = ‘dc=example,dc=com’;
$ldaprdn = “uid=”.{login}.",ou=people,".$dn;
$ldappass = {pswd};
$ldplogin = {login};
$filter = ‘(&(uid=’ . $ldplogin . ‘)(objectClass=inetOrgPerson))’;
}
// Connection to ldap server
$ldapconn = ldap_connect(“admin.example.com”) or die(“Could not connect to LDAP server.”);
// verify ldap option version
if (ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3))
{
// echo “GeoLANDA User Authentication System<br /><br />”;
}
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
if ($ldapconn)
{
// binding to ldap server
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass) or die (“ACCESS DENIED…:”.ldap_error($ldapconn) . “<br />”);
}
// verify binding
if ($ldapbind)
{
// echo “ACCESS GRANTED…<br /><br />”;
}
// Get All LDAP users
$attrib = array(‘cn’, ‘uid’);
$ldapsearch = ldap_search($ldapconn, $dn, $filter, $attrib) or die ("Error in Search query: ".ldap_error($ldapconn));
$result = ldap_get_entries($ldapconn, $ldapsearch);
// echo $result["count"]." entries returned <br />";
for ($i=0; $i<$result[“count”]; $i++)
// echo “dn is: “. $result[$i][“dn”] .”<br />”;
// echo “<b>User:</b> “. $result[$i][“uid”][0] .” <b>Name:</b> “. $result[$i][“cn”][0] .”<br />”;
[_user] = $result[$i]["uid"][0] ;
$sql = "SELECT count(*) FROM sec_users
WHERE
(login = '". substr([_user],0, 32) ."' OR login = '". substr({login},0, 32) ."') AND active = 'Y'";
sc_select(rs, $sql);
$rs->Close();
[usr_login] = {login};
[usr_pswd] = sc_encode({pswd});
if(isset($result[0][‘uid’][0]))
{
[usr_name] = $result[0][‘uid’][0];
}
elseif(isset($result[0][‘cn’][0]))
{
[usr_name] = $result[0][‘cn’][0];
}
======================================END OF CODE ========================================================
My Challenge Now is with User and Application Synchronization.
Once I synchronize users at first run User/Application is successful, but when I add new user to LDAP and
try to synchronize applications to the new user(s) it does not synchronize any applications,
PLS Help, what is the problem with Synchronizing Application script? Or what am I missing?
=================================START CODE=======================================================
// onApplicationInit PHP Script for Synchronise Users
$arr_users = array();
$str_sql = “SELECT login FROM sec_users”;
sc_select(rs, $str_sql);
if({rs} !== FALSE)
{
while(!$rs->EOF)
{
$arr_users[ $rs->fields[0] ] = $rs->fields[0];
$rs->MoveNext();
}
$rs->Close();
}
$server = ‘admin.example.com’;
$dn = ‘dc=example,dc=com’;
if ([usr_login] == ‘domainadmin’)
{
$slogin = “uid=”.[usr_login].",ou=people,".$dn;
$spswd = sc_decode([usr_pswd]);
$ldapConn = ldap_connect(“admin.example.com”) or die(“Could not connect to LDAP server.”);
if (ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3))
{ // echo "Using LDAPv3
";
}
ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if ($ldapConn)
{ // binding to ldap server
$ldapbind = ldap_bind($ldapConn, $slogin, $spswd);
}
// verify binding
if ($ldapbind) {
echo “LDAP bind successful…<br /><br />” or die ("LDAP bind failed…: ".ldap_error($ldapConn) . “<br />”);
}
$filter = "(&(objectClass=inetOrgPerson)(uid=*))";
$attrib = array("dn", "cn", "uid");
$ldapsrch = ldap_search($ldapConn, $dn, $filter, $attrib) or die ("Error in Search query: ".ldap_error($ldapConn));
$arr_ldap = ldap_get_entries($ldapConn, $ldapsrch);
/**
echo $arr_ldap["count"]." entries returned <br />";
// Show all Data
// Show the users
//echo '<b>Show all Users</b> <br /><br />';
**/
// for ($i=0; $i<$arr_ldap[“count”]; $i++)
// echo "dn is: ". $arr_ldap[$i]["dn"] ."<br />";
// echo "(<b>User:</b> ". $arr_ldap[$i]["uid"][0] ." <b>Name:</b> ". $arr_ldap[$i]["cn"][0] ."<br />)";
unset($arr_ldap[“count”]);
foreach($arr_ldap as $data)
{
if(isset($data[“uid”][0]))
{
$ldap_user_account = substr($data[“uid”][0], 0, 32);
}
$name = ( isset($data[“cn”][0]) ? $data[“cn”][0] : $ldap_user_account);
if(isset($arr_users[ $ldap_user_account ]))
{
$str_sql = "UPDATE sec_users SET name = '". $name ."' WHERE login='" . $ldap_user_account . "'";
unset($arr_users[ $ldap_user_account ]);
}
else
{
$str_sql = "INSERT INTO sec_users(
login,
pswd,
name,
email,
active
) VALUES (
'". $ldap_user_account ."',
'',
'". $name ."',
'',
'Y'
)";
}
sc_exec_sql($str_sql);
}
ldap_close($ldapConn);
}
====================================END OF CODE====================================[/SIZE][/SIZE][/SIZE]
