1 | |
2 | <? |
3 | |
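/**
 * Helper for the user entries kept under ou=People,dc=h-k,dc=sk in the
 * LDAP server on localhost: creating and updating entries, changing
 * passwords and checking a login by binding as the user.
 *
 * Security notes for maintainers:
 *  - Every value that ends up in a search filter or in a DN is escaped
 *    with ldap_escape(); the callers' input must never be concatenated
 *    into a filter, a DN or a shell command unescaped.
 *  - Empty passwords are rejected before the directory is contacted,
 *    because a simple bind with an empty password is not a credential
 *    check.
 *  - The public properties are kept for backward compatibility; they
 *    are overwritten as a side effect of every call.
 */
class LDAPuser
{
    /** @var array Attribute map sent to the directory by the last write call. */
    public $ldif;

    /** @var string Search base, or the DN of the entry found by the last lookup. */
    public $dn;

    /** @var string Search filter used by the last lookup. */
    public $filter;

    /** @var array Attribute list requested by the last lookup. */
    public $values;

    /**
     * Create a new entry hkid=<hkid>,ou=People,dc=h-k,dc=sk.
     *
     * Nothing is returned, as in the original code. The entry is only
     * added when the administrator bind succeeded.
     *
     * @param mixed $uid      Value stored in cn, sn and uid.
     * @param mixed $hkid     Value stored in hkid and used as the RDN.
     * @param mixed $password Clear-text password; stored hashed.
     */
    public function replicate($uid, $hkid, $password)
    {
        $this->dn = "ou=People,dc=h-k,dc=sk";
        $this->fill_account_attributes($uid, $hkid, $password);

        // The original listing also carried commented-out posixAccount and
        // qmailUser attributes (homeDirectory, loginShell, mail*, quota and
        // uid/gid numbers); none of them was ever sent.
        $this->ldif['objectclass'] = array(
            "inetOrgPerson",
            "OpenLDAPPerson",
            "pilotPerson",
            "inetLocalMailRecipient",
            "top",
            "person",
            "hkuser",
        );

        $c = ldap_connect("localhost");
        if (!$c) {
            return;
        }

        // Do not fall through to an unauthenticated write when the bind fails.
        if ($this->bind_as_admin($c)) {
            ldap_add($c, $this->account_dn($hkid), $this->ldif);
        }

        ldap_close($c);
    }

    /**
     * Overwrite cn, sn, hkid, userpassword, o and uid of an existing entry
     * and append "<uid>:<hkid>(<ldap error text>)" to /tmp/ldapsync.log.
     *
     * Nothing is returned, as in the original code.
     *
     * @param mixed $uid      Value stored in cn, sn and uid.
     * @param mixed $hkid     Identifies the entry (RDN) and is stored in hkid.
     * @param mixed $password Clear-text password; stored hashed.
     */
    public function ldap_mysql_sync($uid, $hkid, $password)
    {
        $this->dn = "ou=People,dc=h-k,dc=sk";
        $this->fill_account_attributes($uid, $hkid, $password);

        $c = ldap_connect("localhost");
        if (!$c) {
            return;
        }

        if ($this->bind_as_admin($c)) {
            ldap_modify($c, $this->account_dn($hkid), $this->ldif);
        }

        // The original passed $uid and $hkid to a shell via system("echo ...");
        // any quote or backtick in them became a command. The line is now
        // written directly, with no shell involved.
        $this->append_log("/tmp/ldapsync.log", $uid . ":" . $hkid . "(" . ldap_error($c) . ")");

        ldap_close($c);
    }

    /**
     * Change a user's password after proving knowledge of the old one.
     *
     * The old password is verified by binding as the user; the new
     * password is then written over that same (user) bind.
     *
     * @param mixed $uid      Matched against the hkid attribute (despite the name).
     * @param mixed $old_pass Current clear-text password.
     * @param mixed $new_pass New clear-text password; stored hashed.
     *
     * @return bool True when the directory accepted the modification.
     */
    public function change_pass($uid, $old_pass, $new_pass)
    {
        // Checked first: an empty password must never reach ldap_bind().
        if ($this->is_blank($old_pass)) {
            return false;
        }

        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $changed = false;
        if ($this->find_dn($c, $uid) && ldap_bind($c, $this->dn, $old_pass)) {
            // Start from an empty map: attributes left in $this->ldif by an
            // earlier replicate()/ldap_mysql_sync() call on this object would
            // otherwise be written to this user's entry as well.
            $this->ldif = array('userpassword' => $this->hash_password($new_pass));
            $changed = ldap_modify($c, $this->dn, $this->ldif);
        }

        ldap_close($c);

        return $changed;
    }

    /**
     * Set a user's password using the directory administrator bind.
     *
     * This method performs no check of the old password and no
     * authorization of its own; the caller is responsible for deciding
     * who may invoke it.
     *
     * @param mixed $uid  Matched against the hkid attribute (despite the name).
     * @param mixed $pass New clear-text password; stored hashed.
     *
     * @return bool True when the directory accepted the modification.
     */
    public function change_pass_forced($uid, $pass)
    {
        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        $changed = false;
        if ($this->find_dn($c, $uid) && $this->bind_as_admin($c)) {
            // See change_pass(): only userpassword may be sent here.
            $this->ldif = array('userpassword' => $this->hash_password($pass));
            $changed = ldap_modify($c, $this->dn, $this->ldif);
        }

        ldap_close($c);

        return $changed;
    }

    /**
     * Check a login by looking up the entry and binding as it.
     *
     * @param mixed $uid      Matched against the hkid attribute (despite the name).
     * @param mixed $password Clear-text password.
     *
     * @return bool True only when exactly one entry matched and the bind
     *              with a non-empty password succeeded.
     */
    public function auth($uid, $password)
    {
        // Checked first: an empty password must never reach ldap_bind().
        if ($this->is_blank($password)) {
            return false;
        }

        $c = ldap_connect("localhost");
        if (!$c) {
            return false;
        }

        // The original carried commented-out system("echo ...") debug lines
        // here. They interpolated the DN into a shell command and should not
        // be re-enabled in that form.
        $ok = $this->find_dn($c, $uid) && ldap_bind($c, $this->dn, $password);

        ldap_close($c);

        return $ok ? true : false;
    }

    /** True for the values the original `== ""` test was meant to reject. */
    private function is_blank($value)
    {
        return $value === null || $value === false || $value === "";
    }

    /**
     * Build the userpassword value: "{SHA}" + base64 of the raw SHA-1 digest.
     *
     * NOTE(review): this is an unsalted SHA-1 hash, kept only so existing
     * entries and any other consumer of this format keep working. Moving
     * to a salted, slow scheme supported by the directory server should
     * be planned separately.
     */
    private function hash_password($password)
    {
        return "{SHA}" . base64_encode(sha1((string) $password, true));
    }

    /** Set the attributes shared by replicate() and ldap_mysql_sync(). */
    private function fill_account_attributes($uid, $hkid, $password)
    {
        $this->ldif['cn'] = $uid;
        $this->ldif['sn'] = $uid;
        $this->ldif['hkid'] = $hkid;
        $this->ldif['userpassword'] = $this->hash_password($password);
        $this->ldif['o'] = "h-k.sk";
        $this->ldif['uid'] = $uid;
    }

    /** Entry DN below $this->dn, with the hkid value escaped for use in a DN. */
    private function account_dn($hkid)
    {
        return "hkid=" . ldap_escape((string) $hkid, "", LDAP_ESCAPE_DN) . "," . $this->dn;
    }

    /**
     * Bind with the directory administrator account.
     *
     * NOTE(review): the administrator DN and password are hard-coded, so
     * anyone who can read this file (repository, backup, web server
     * misconfiguration) holds write access to the whole directory. They
     * should be loaded from configuration outside the source tree and the
     * password rotated; a less privileged service account would limit the
     * damage further.
     */
    private function bind_as_admin($c)
    {
        $admindn = "cn=kyberia,ou=Directory Administrators,dc=h-k,dc=sk";
        $adminpw = "abcd123";

        return ldap_bind($c, $admindn, $adminpw);
    }

    /**
     * Look up the single entry whose hkid equals $uid and store its DN in
     * $this->dn.
     *
     * $this->dn is only replaced after the result count was checked; the
     * original password-change methods read $res[0]["dn"] before that check.
     *
     * @return bool True when exactly one entry matched.
     */
    private function find_dn($c, $uid)
    {
        $this->dn = "ou=People,dc=h-k,dc=sk";
        $this->values = array("dn");
        // Escaped so that characters such as * ( ) \ in the input cannot
        // change the meaning of the filter.
        $this->filter = "hkid=" . ldap_escape((string) $uid, "", LDAP_ESCAPE_FILTER);

        $sr = ldap_search($c, $this->dn, $this->filter, $this->values);
        if (!$sr) {
            return false;
        }

        $res = ldap_get_entries($c, $sr);
        if (!$res || (int) $res['count'] !== 1) {
            return false;
        }

        $this->dn = $res[0]["dn"];

        return true;
    }

    /**
     * Append one line to a log file without going through a shell.
     *
     * Control characters are replaced by spaces so a value cannot forge
     * additional log lines.
     *
     * NOTE(review): the log lives at a fixed name in a shared temporary
     * directory; a dedicated log directory owned by the service account
     * would be safer.
     */
    private function append_log($path, $line)
    {
        $clean = preg_replace('/[\x00-\x1F\x7F]/', ' ', (string) $line);
        file_put_contents($path, $clean . "\n", FILE_APPEND | LOCK_EX);
    }
}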
193 | |
194 | ?> |
195 | |
196 | |