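<?php

/**
 * Provisioning, password changes and authentication for entries under
 * ou=People,dc=h-k,dc=sk on the LDAP server at localhost.
 *
 * Security notes for maintainers:
 *  - Caller-supplied ids are escaped before they are placed in a search
 *    filter or a DN (ldap_escape(), PHP >= 5.6), so filter/DN metacharacters
 *    in $uid / $hkid cannot change which entry is searched or written.
 *  - Log lines are appended without going through a shell.
 *  - $this->ldif is rebuilt on every call, so attributes left over from an
 *    earlier call on the same object are never written to another entry.
 */
class LDAPuser {

    var $ldif;    // attribute array handed to ldap_add()/ldap_modify()
    var $dn;      // search base, later the DN of the entry that was found
    var $filter;  // last search filter that was built
    var $values;  // attributes requested from the search

    /**
     * Internal: bind the connection as the directory administrator.
     *
     * SECURITY: the administrator DN and password are embedded in source
     * and were repeated in three methods; they are kept here in one place
     * only. NOTE(review): load them from protected configuration and rotate
     * the password, since it is visible to anyone who can read this file or
     * its history.
     *
     * @param resource $c LDAP link from ldap_connect()
     * @return bool result of ldap_bind()
     */
    function _admin_bind($c) {
        $admindn = "cn=kyberia,ou=Directory Administrators,dc=h-k,dc=sk";
        $adminpw = "abcd123";
        return ldap_bind($c, $admindn, $adminpw);
    }

    /**
     * Internal: build the userpassword value for a clear-text password.
     *
     * The {SHA} scheme is an unsalted SHA-1 digest; it is kept because the
     * existing entries use it. NOTE(review): prefer a salted scheme or
     * server-side hashing if the directory supports one.
     *
     * @param string $password clear-text password
     * @return string "{SHA}" followed by the base64 of the raw digest
     */
    function _hash_password($password) {
        return "{SHA}".base64_encode(pack("H*", sha1($password)));
    }

    /**
     * Internal: DN of the entry for $hkid below the base held in $this->dn.
     * The id is escaped for use as an RDN value.
     *
     * @param mixed $hkid
     * @return string
     */
    function _entry_dn($hkid) {
        return "hkid=".ldap_escape((string)$hkid, "", LDAP_ESCAPE_DN).",".$this->dn;
    }

    /**
     * Internal: look up the single entry whose hkid equals $uid.
     *
     * Sets $this->values and $this->filter, and $this->dn to the entry's DN
     * when exactly one entry matches (otherwise $this->dn is left at the
     * search base).
     *
     * @param resource $c LDAP link
     * @param mixed $uid value matched against the hkid attribute
     * @return string|false the entry DN, or false on error / no unique match
     */
    function _find_user_dn($c, $uid) {
        $this->dn = "ou=People,dc=h-k,dc=sk";
        $this->values = array("dn");
        // Escape filter metacharacters so the id is matched literally.
        $this->filter = "hkid=".ldap_escape((string)$uid, "", LDAP_ESCAPE_FILTER);

        $sr = ldap_search($c, $this->dn, $this->filter, $this->values);
        if (!$sr) {
            return false;
        }

        $res = ldap_get_entries($c, $sr);
        // Check the count before touching $res[0]; it does not exist when
        // nothing matched.
        if (!$res || $res['count'] != 1) {
            return false;
        }

        $this->dn = $res[0]["dn"];
        return $this->dn;
    }

    /**
     * Internal: format one "uid:hkid(error)" log line. CR and LF are
     * replaced by spaces so a value cannot start a second log record.
     *
     * @return string
     */
    function _format_log_line($uid, $hkid, $error) {
        return str_replace(array("\r", "\n"), " ", $uid.":".$hkid."(".$error.")");
    }

    /**
     * Internal: append one line to a log file without invoking a shell.
     * NOTE(review): the callers log to a fixed name under /tmp; a dedicated
     * log directory that only the service account can write is safer.
     */
    function _append_log($file, $line) {
        error_log($line."\n", 3, $file);
    }

    /**
     * Create the entry hkid=<hkid>,ou=People,dc=h-k,dc=sk.
     *
     * Nothing is written when the connection or the administrator bind
     * fails. Returns nothing, as before.
     *
     * @param string $uid      stored as cn, sn and uid
     * @param mixed  $hkid     stored as hkid and used as the RDN
     * @param string $password clear-text password, stored hashed
     */
    function replicate($uid,$hkid,$password) {

        $this->dn = "ou=People,dc=h-k,dc=sk";

        $this->ldif = array();
        $this->ldif['cn'] = $uid;
        $this->ldif['sn'] = $uid;
        $this->ldif['hkid'] = $hkid;
        $this->ldif['userpassword'] = $this->_hash_password($password);
        $this->ldif['o'] = "h-k.sk";
        // Disabled posixAccount / qmail attributes, kept for reference:
//      $this->ldif['homeDirectory'] = "/home/".$hkid;
//      $this->ldif['loginShell'] = "/bin/false";
//      $this->ldif['deliveryMode'] = "normal";
//      $this->ldif['mailQuotaCount'] = "10000";
//      $this->ldif['mailQuotaSize'] = "100000000";
//      $this->ldif['mailSizeMax'] = "10000000";
//      $this->ldif['mail'] = strtolower($uid)."@h-k.sk";
//      $this->ldif['mailalternateaddress'][0] = strtolower($uid)."@h-k.sk";
//      $this->ldif['mailalternateaddress'][1] = strtolower($uid)."@kyberia.sk";
//      $this->ldif['mailalternateaddress'][2] = strtolower($uid)."@hysteria.sk";
//      $this->ldif['accountstatus'] = "disabled";
//      $this->ldif['qmailUID'] = "123";
//      $this->ldif['uidnumber'] = "123";
//      $this->ldif['gidnumber'] = "123";
//      $this->ldif['qmailGID'] = "123";
        $this->ldif['uid'] = $uid;

        // "posixAccount" and "qmailUser" are intentionally not listed.
        $this->ldif['objectclass'] = array(
            "inetOrgPerson",
            "OpenLDAPPerson",
            "pilotPerson",
            "inetLocalMailRecipient",
            "top",
            "person",
            "hkuser",
        );

        $c = ldap_connect("localhost");
        if (!$c) {
            return;
        }

        if ($this->_admin_bind($c)) {
            ldap_add($c, $this->_entry_dn($hkid), $this->ldif);
        }

        ldap_close($c);
    }

    /**
     * Overwrite cn, sn, hkid, userpassword, o and uid of the existing entry
     * hkid=<hkid>,ou=People,dc=h-k,dc=sk and append the LDAP result text to
     * /tmp/ldapsync.log. Returns nothing, as before.
     *
     * @param string $uid
     * @param mixed  $hkid
     * @param string $password clear-text password, stored hashed
     */
    function ldap_mysql_sync($uid,$hkid,$password) {

        $this->dn = "ou=People,dc=h-k,dc=sk";

        $this->ldif = array();
        $this->ldif['cn'] = $uid;
        $this->ldif['sn'] = $uid;
        $this->ldif['hkid'] = $hkid;
        $this->ldif['userpassword'] = $this->_hash_password($password);
        $this->ldif['o'] = "h-k.sk";
        $this->ldif['uid'] = $uid;

        $c = ldap_connect("localhost");
        if (!$c) {
            return;
        }

        if ($this->_admin_bind($c)) {
            ldap_modify($c, $this->_entry_dn($hkid), $this->ldif);
        }

        // The line used to be written with system("echo ... >> file"), which
        // handed $uid and $hkid to a shell; it is now appended directly.
        $this->_append_log(
            "/tmp/ldapsync.log",
            $this->_format_log_line($uid, $hkid, ldap_error($c))
        );

        ldap_close($c);
    }

    /**
     * Change a user's password after verifying the old one by binding as
     * that user.
     *
     * @param mixed  $uid      value matched against the hkid attribute
     * @param string $old_pass current clear-text password
     * @param string $new_pass new clear-text password
     * @return bool true when the entry was modified, false otherwise
     */
    function change_pass($uid,$old_pass,$new_pass) {

        // An empty password must never reach ldap_bind(): a bind with a DN
        // and no password can be accepted as an unauthenticated bind.
        if (!is_string($old_pass) || $old_pass === "") {
            return false;
        }

        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $changed = false;
        if ($this->_find_user_dn($c, $uid) !== false
            && ldap_bind($c, $this->dn, $old_pass)) {
            // Only the password attribute is sent.
            $this->ldif = array('userpassword' => $this->_hash_password($new_pass));
            $changed = ldap_modify($c, $this->dn, $this->ldif);
        }

        ldap_close($c);
        return $changed;
    }

    /**
     * Set a user's password using the administrator bind, without checking
     * the old password. Callers are responsible for authorising the request.
     *
     * @param mixed  $uid  value matched against the hkid attribute
     * @param string $pass new clear-text password
     * @return bool true when the entry was modified, false otherwise
     */
    function change_pass_forced($uid,$pass) {

        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $changed = false;
        if ($this->_find_user_dn($c, $uid) !== false && $this->_admin_bind($c)) {
            // Only the password attribute is sent.
            $this->ldif = array('userpassword' => $this->_hash_password($pass));
            $changed = ldap_modify($c, $this->dn, $this->ldif);
        }

        ldap_close($c);
        return $changed;
    }

    /**
     * Authenticate a user by binding as the entry whose hkid equals $uid.
     *
     * @param mixed  $uid      value matched against the hkid attribute
     * @param string $password clear-text password
     * @return bool true when the bind succeeded, false otherwise
     */
    function auth($uid,$password) {

        // Reject empty passwords before any bind; see change_pass().
        if (!is_string($password) || $password === "") {
            return false;
        }

        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $authenticated = false;
        if ($this->_find_user_dn($c, $uid) !== false
            && ldap_bind($c, $this->dn, $password)) {
            $authenticated = true;
        }

        ldap_close($c);
        return $authenticated;
    }
}

?>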