From edeb82735c3c418a5acc7b689d3ce2fb0a091e27 Mon Sep 17 00:00:00 2001
From: nuxsmin <nuxsmin@syspass.org>
Date: Mon, 21 Nov 2016 14:56:24 +0100
Subject: [PATCH] * [DEV] Fixed LDAP searching when group is not set.

---
 inc/SP/Auth/Ldap/LdapMsAds.class.php | 8 ++++++--
 inc/SP/Auth/Ldap/LdapStd.class.php   | 8 ++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/inc/SP/Auth/Ldap/LdapMsAds.class.php b/inc/SP/Auth/Ldap/LdapMsAds.class.php
index a31b1536..ee999067 100644
--- a/inc/SP/Auth/Ldap/LdapMsAds.class.php
+++ b/inc/SP/Auth/Ldap/LdapMsAds.class.php
@@ -43,9 +43,13 @@ class LdapMsAds extends LdapBase
      */
     protected function getGroupDnFilter()
     {
-        $groupDN = (!empty($this->group)) ? $this->searchGroupDN() : '*';
+        if (empty($this->group)) {
+            return '(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject))';
+        } else {
+            $groupDN = $this->searchGroupDN();
 
-        return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . ')(memberof:1.2.840.113556.1.4.1941:=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
+            return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . ')(memberof:1.2.840.113556.1.4.1941:=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
+        }
     }
 
     /**
diff --git a/inc/SP/Auth/Ldap/LdapStd.class.php b/inc/SP/Auth/Ldap/LdapStd.class.php
index b6db04f5..634cfeb3 100644
--- a/inc/SP/Auth/Ldap/LdapStd.class.php
+++ b/inc/SP/Auth/Ldap/LdapStd.class.php
@@ -42,9 +42,13 @@ class LdapStd extends LdapBase
      */
     protected function getGroupDnFilter()
     {
-        $groupDN = (!empty($this->group)) ? $this->searchGroupDN() : '*';
+        if (empty($this->group)){
+            return '(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject))';
+        } else {
+            $groupDN = $this->searchGroupDN();
 
-        return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
+            return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
+        }
     }
 
     /**