Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-11 02:46:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

* Fixes LDAP authentication for ADS

Browse Source
This commit is contained in:
nuxsmin
2014-05-18 14:15:13 +02:00
parent 93ff927cad
commit 6745378bc3
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
inc/auth.class.php
View File

@@ -61,12 +61,12 @@ class SP_Auth
$userDN = SP_LDAP::$ldapSearchData[0]['dn'];
// Mapeo de los atributos
$attribsMap = array(
'groupmembership' => 'group',
'memberof' => 'group',
'groupMembership' => 'group',
'memberOf' => 'group',
'displayname' => 'name',
'fullname' => 'name',
'mail' => 'mail',
'lockouttime' => 'expire');
'lockoutTime' => 'expire');
// Realizamos la conexión con el usuario real y obtenemos los atributos
try {
@@ -109,7 +109,7 @@ class SP_Auth
SP_Log::wrLogInfo($message);
}
self::$userName = $attribs['name'];
self::$userName = ($attribs['name']) ? $attribs['name'] : $userLogin;
self::$userEmail = $attribs['mail'];
return $ldapAccess;
@@ -122,12 +122,12 @@ class SP_Auth
*/
private static function checkLDAPGroup($group)
{
$ldapgroup = SP_Config::getValue('ldap_group');
$ldapGroup = strtolower(SP_Config::getValue('ldap_group'));
$groupName = array();
preg_match('/^cn=([\w\s-]+),.*/i', $group, $groupName);
if ($groupName[1] == $ldapgroup || $group == $ldapgroup) {
if (strtolower($groupName[1]) == $ldapGroup || strtolower($group) == $ldapGroup) {
return true;
}

2
inc/ldap.class.php
View File

@@ -341,7 +341,7 @@ class SP_LDAP
return false;
}
$filter = '(&(cn=' . $groupDN . ')(|(member=' . $userDN . ')(uniqueMember=' . $userDN . '))(|(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)))';
$filter = '(&(cn=' . $groupDN . ')(|(member=' . $userDN . ')(uniqueMember=' . $userDN . '))(|(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)(objectClass=group)))';
$filterAttr = array("member", "uniqueMember");
$searchRes = @ldap_search(self::$ldapConn, self::$searchBase, $filter, $filterAttr);