| 1 | |
| 2 | <? |
| 3 | |
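/**
 * Thin wrapper around the PHP LDAP extension for the "ou=People,dc=h-k,dc=sk"
 * subtree: creates and updates user entries, changes passwords and checks
 * credentials with a simple bind against the directory on localhost.
 *
 * Security notes for maintainers:
 *  - Every value that ends up in a search filter or a DN is escaped with
 *    ldap_escape() (PHP 5.6+), so filter/DN metacharacters in a caller-supplied
 *    id cannot change which entry is matched or written.
 *  - The directory-administrator credentials are still present as a fallback
 *    literal (see bindAsAdmin()); they should be rotated and moved out of the
 *    source tree.
 *  - NOTE(review): the file opens with the short tag "<?". Where
 *    short_open_tag is disabled the file is emitted as plain text, which would
 *    disclose those credentials; use "<?php".
 */
class LDAPuser
{
    /** @var array Attribute map handed to ldap_add()/ldap_modify(); keys are LDAP attribute names. */
    public $ldif;

    /** @var string Search base, replaced by the matched entry DN after a successful lookup. */
    public $dn;

    /** @var string Last search filter built by a lookup. */
    public $filter;

    /** @var array Attribute list requested from ldap_search(). */
    public $values;

    /**
     * Adds a new entry "hkid=<hkid>,ou=People,dc=h-k,dc=sk" using the admin bind.
     *
     * The mail/POSIX/qmail attributes that were commented out in the original
     * are not written. Nothing is returned, as before; a failed connect or bind
     * simply results in no entry being added.
     *
     * @param string $uid      Written to cn, sn and uid.
     * @param string $hkid     Written to hkid and used as the RDN value.
     * @param string $password Clear-text password, stored as a {SHA} hash.
     */
    public function replicate($uid, $hkid, $password)
    {
        $this->dn = "ou=People,dc=h-k,dc=sk";

        $this->ldif['cn'] = $uid;
        $this->ldif['sn'] = $uid;
        $this->ldif['hkid'] = $hkid;
        $this->ldif['userpassword'] = $this->hashPassword($password);
        $this->ldif['o'] = "h-k.sk";
        $this->ldif['uid'] = $uid;
        $this->ldif['objectclass'] = array(
            "inetOrgPerson",
            "OpenLDAPPerson",
            "pilotPerson",
            "inetLocalMailRecipient",
            "top",
            "person",
            "hkuser",
        );

        $c = ldap_connect("localhost");
        if (!$c) {
            return;
        }

        // Only attempt the write on an authenticated admin session; the
        // original ignored the bind result and tried the add regardless.
        if ($this->bindAsAdmin($c)) {
            ldap_add($c, $this->entryDn($hkid), $this->ldif);
        }

        ldap_close($c);
    }

    /**
     * Overwrites cn, sn, hkid, userpassword, o and uid of an existing entry
     * using the admin bind, then appends "<uid>:<hkid>(<ldap error>)" to
     * /tmp/ldapsync.log. Nothing is returned, as before.
     *
     * @param string $uid      Written to cn, sn and uid.
     * @param string $hkid     Written to hkid and used as the RDN value.
     * @param string $password Clear-text password, stored as a {SHA} hash.
     */
    public function ldap_mysql_sync($uid, $hkid, $password)
    {
        $this->dn = "ou=People,dc=h-k,dc=sk";

        $this->ldif['cn'] = $uid;
        $this->ldif['sn'] = $uid;
        $this->ldif['hkid'] = $hkid;
        $this->ldif['userpassword'] = $this->hashPassword($password);
        $this->ldif['o'] = "h-k.sk";
        $this->ldif['uid'] = $uid;

        $c = ldap_connect("localhost");
        if (!$c) {
            return;
        }

        if ($this->bindAsAdmin($c)) {
            ldap_modify($c, $this->entryDn($hkid), $this->ldif);
        }

        // The original built this line into a shell command
        // (system("echo \"...\" >> file")), so quotes, backticks or "$(" in
        // $uid/$hkid were interpreted by the shell. Appending from PHP writes
        // the same line without a shell, and control characters are replaced
        // so one call cannot forge extra log lines.
        // NOTE(review): the log lives in a world-writable directory under a
        // predictable name; an application-owned log directory would be safer.
        $line = $this->logField($uid) . ":" . $this->logField($hkid)
            . "(" . $this->logField(ldap_error($c)) . ")\n";
        file_put_contents("/tmp/ldapsync.log", $line, FILE_APPEND | LOCK_EX); // best-effort, result ignored

        ldap_close($c);
    }

    /**
     * Changes a user's password after proving knowledge of the old one by
     * binding as that user.
     *
     * @param string $uid      Despite the name, matched against the hkid attribute.
     * @param string $old_pass Current clear-text password.
     * @param string $new_pass New clear-text password, stored as a {SHA} hash.
     *
     * @return bool True when the modify succeeded; false when the old password
     *              is empty, the user is not found exactly once, the bind is
     *              refused or the modify fails.
     */
    public function change_pass($uid, $old_pass, $new_pass)
    {
        // Checked before any directory traffic: many servers treat a simple
        // bind with a DN and an empty password as an unauthenticated bind and
        // report success, which would otherwise count as a valid old password.
        if ($this->isEmptySecret($old_pass)) {
            return false;
        }

        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $ok = false;
        if ($this->findUserDn($c, $uid) !== false && ldap_bind($c, $this->dn, $old_pass)) {
            // Fresh attribute map: $this->ldif may still hold cn/sn/uid/hkid
            // from an earlier replicate()/ldap_mysql_sync() call on this
            // object, and sending those here would overwrite another entry's
            // attributes.
            $this->ldif = array('userpassword' => $this->hashPassword($new_pass));
            $ok = ldap_modify($c, $this->dn, $this->ldif);
        }

        ldap_close($c); // the original left the connection open on every path
        return $ok;
    }

    /**
     * Sets a user's password using the admin bind, without the old password.
     *
     * This method performs no authorization check of its own; whoever can call
     * it can reset any account, so callers must restrict access to it.
     *
     * @param string $uid  Despite the name, matched against the hkid attribute.
     * @param string $pass New clear-text password, stored as a {SHA} hash.
     *
     * @return bool True when the modify succeeded, false otherwise.
     */
    public function change_pass_forced($uid, $pass)
    {
        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $ok = false;
        if ($this->findUserDn($c, $uid) !== false && $this->bindAsAdmin($c)) {
            // Fresh attribute map for the same reason as in change_pass().
            $this->ldif = array('userpassword' => $this->hashPassword($pass));
            $ok = ldap_modify($c, $this->dn, $this->ldif);
        }

        ldap_close($c);
        return $ok;
    }

    /**
     * Verifies a password by looking the user up and binding as the entry found.
     *
     * @param string $uid      Despite the name, matched against the hkid attribute.
     * @param string $password Clear-text password to verify.
     *
     * @return bool True only when exactly one entry matches and the bind with
     *              a non-empty password succeeds.
     */
    public function auth($uid, $password)
    {
        // An empty password must never reach ldap_bind(): it would be an
        // unauthenticated bind, which many servers accept.
        if ($this->isEmptySecret($password)) {
            return false;
        }

        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $ok = $this->findUserDn($c, $uid) !== false
            && ldap_bind($c, $this->dn, $password);

        ldap_close($c);
        return $ok;
    }

    /**
     * Binds the connection as the directory administrator.
     *
     * The LDAP_ADMIN_DN / LDAP_ADMIN_PW environment variables are introduced by
     * this revision as an override; when they are unset the legacy values are
     * used so existing deployments keep working.
     *
     * @param resource|object $c Connection returned by ldap_connect().
     *
     * @return bool Result of ldap_bind().
     */
    private function bindAsAdmin($c)
    {
        $admindn = getenv('LDAP_ADMIN_DN');
        if ($admindn === false || $admindn === '') {
            $admindn = "cn=kyberia,ou=Directory Administrators,dc=h-k,dc=sk";
        }

        $adminpw = getenv('LDAP_ADMIN_PW');
        if ($adminpw === false || $adminpw === '') {
            // NOTE(review): a directory-administrator password committed to
            // source is readable by anyone with access to the repository or a
            // copy of this file. Rotate it, supply the new value through the
            // environment or a protected config file, and delete this literal.
            $adminpw = "abcd123";
        }

        return ldap_bind($c, $admindn, $adminpw);
    }

    /**
     * Finds the single entry whose hkid equals $uid below the People subtree.
     *
     * Sets $this->filter and $this->values, and on success replaces $this->dn
     * with the entry's DN. The result is validated before it is indexed; the
     * original password-change methods read $res[0]["dn"] before checking the
     * count.
     *
     * @param resource|object $c   Connection returned by ldap_connect().
     * @param string          $uid Value to match against hkid.
     *
     * @return string|false Entry DN, or false unless exactly one entry matched.
     */
    private function findUserDn($c, $uid)
    {
        $this->dn = "ou=People,dc=h-k,dc=sk";
        $this->values = array("dn");
        // Escaped so "*", "(", ")", "\" or NUL in $uid stay literal characters
        // instead of becoming filter syntax.
        $this->filter = "hkid=" . ldap_escape((string) $uid, '', LDAP_ESCAPE_FILTER);

        $sr = ldap_search($c, $this->dn, $this->filter, $this->values);
        if (!$sr) {
            return false;
        }

        $res = ldap_get_entries($c, $sr);
        if (!$res || $res['count'] != 1) {
            return false;
        }

        $this->dn = $res[0]["dn"];
        return $this->dn;
    }

    /**
     * Builds "hkid=<value>,<base DN>" with the RDN value escaped for DN context,
     * so "," "+" "=" and similar characters in $hkid cannot add RDN components.
     *
     * @param string $hkid RDN value.
     *
     * @return string Entry DN below $this->dn.
     */
    private function entryDn($hkid)
    {
        return "hkid=" . ldap_escape((string) $hkid, '', LDAP_ESCAPE_DN) . "," . $this->dn;
    }

    /**
     * Returns the userPassword value "{SHA}" + base64(raw SHA-1 digest).
     *
     * NOTE(review): unsalted SHA-1 is fast to brute-force and identical
     * passwords yield identical values. The scheme is kept because existing
     * entries and any other consumers of this attribute use it; migrating to a
     * salted scheme the directory server supports should be planned separately.
     *
     * @param string $password Clear-text password.
     *
     * @return string Hashed value for the userpassword attribute.
     */
    private function hashPassword($password)
    {
        return "{SHA}" . base64_encode(sha1($password, true));
    }

    /**
     * Tells whether a password argument is null, false, a non-scalar or "".
     *
     * @param mixed $secret Caller-supplied password.
     *
     * @return bool True when the value must not be used for a bind.
     */
    private function isEmptySecret($secret)
    {
        return !is_scalar($secret) || (string) $secret === '';
    }

    /**
     * Replaces control characters (including CR/LF) with "?" for log output.
     *
     * @param mixed $value Value to log.
     *
     * @return string Single-line representation.
     */
    private function logField($value)
    {
        return preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $value);
    }
}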
| 193 | |
| 194 | ?> |
| 195 | |
| 196 | |