Add Active Directory support (closes 1876288).

This is slightly modified from Aiko's patch to apply cleanly and add a few more comments to the example config.
2026-03-14 08:10:13 +00:00 · 2008-02-15 06:28:23 +13:00 · 2008-02-15 06:28:23 +13:00 · a4df7abe9f
commit a4df7abe9f
parent 4ce605f13a
2 changed files with 36 additions and 5 deletions
--- a/config/example-config.php
+++ b/config/example-config.php
@ -166,6 +166,10 @@ $c->admin_email ='calendar-admin@example.com';
 /********************************/
 /*********** LDAP hook **********/
 /********************************/
+/*
+ * For Active Directory go down to the next example.
+ */
+
 //$c->authenticate_hook['call'] = 'LDAP_check';
 //$c->authenticate_hook['config'] = array(
 //    'host' => 'www.tennaxia.net', //host name of your LDAP Server
@ -207,6 +211,29 @@ $c->admin_email ='calendar-admin@example.com';
 //
 //include('drivers_ldap.php');

+/*
+ * Use the following LDAP example if you are using Active Directory
+ *
+ * You will need to  change host, passDN and DOMAIN in bindDN
+ * and baseDNUsers.
+ */
+//$c->authenticate_hook['call'] = 'LDAP_check';
+//$c->authenticate_hook['config'] = array(
+//    'host'              => 'ldap://ldap.example.net',
+//    'bindDN'            => 'auth@DOMAIN',
+//    'passDN'            => 'secret',
+//    'baseDNUsers'       => 'dc=DOMAIN,dc=local',
+//    'protocolVersion'   => 3,
+//    'optReferrals'      => 0,
+//    'filterUsers'       => '(&(objectcategory=person)(objectclass=user)(givenname=*))',
+//    'mapping_field'     => array("username" => "uid",
+//                                 "fullname" => "cn" ,
+//                                 "email"    => "mail"),
+//    'default_value'     => array("date_format_type" => "E","locale" => "en_NZ"),
+//    'format_updated'    => array('Y' => array(0,4),'m' => array(4,2),'d'=> array(6,2),'H' => array(8,2),'M'=>array(10,2),'S' => array(12,2))
+//    );
+//include('drivers_ldap.php');
+

 /**
 * Authentication against PAM using the Squid helper script.
--- a/inc/drivers_ldap.php
+++ b/inc/drivers_ldap.php
@ -50,6 +50,13 @@ class ldapDrivers
          $this->valid=false;
          return ;
      }
+
+      //Set LDAP protocol version
+      if (isset($config['protocolVersion']))
+          ldap_set_option($this->connect, LDAP_OPT_PROTOCOL_VERSION, $config['protocolVersion']);
+      if (isset($config['optReferrals']))
+          ldap_set_option($this->connect, LDAP_OPT_REFERRALS, $config['optReferrals']);
+
      if ($port)
          $this->connect=ldap_connect($host, $port);
      else
@ -63,9 +70,6 @@ class ldapDrivers

      dbg_error_log( "LDAP", "drivers_ldap : Connected to LDAP server %s",$host );

-      //Set LDAP protocol version
-      if (isset($config['protocolVersion'])) ldap_set_option($this->connect,LDAP_OPT_PROTOCOL_VERSION, $config['protocolVersion']);
-
      // Start TLS if desired (requires protocol version 3)
      if (isset($config['startTLS'])) {
        if (!ldap_set_option($this->connect, LDAP_OPT_PROTOCOL_VERSION, 3)) {
@ -89,11 +93,11 @@ class ldapDrivers
        break;
      case "onelevel":
        $this->ldap_query_one = ldap_list;
-        $this->ldap_query_all = ldap_list;
+        $this->ldap_query_all = ldap_search;
        break;
      default:
        $this->ldap_query_one = ldap_search;
-        $this->ldap_query_all = ldap_list;
+        $this->ldap_query_all = ldap_search;
        break;
      }