From 76ce1169a0c8cbb18423b1581800b9aa1050ccd5 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 9 Nov 2012 14:13:32 +0100 Subject: moved adLDAP to authad plugin and fixed includes --- .../authad/adLDAP/classes/adLDAPComputers.php | 153 +++++++++++++++++++++ 1 file changed, 153 insertions(+) create mode 100644 lib/plugins/authad/adLDAP/classes/adLDAPComputers.php (limited to 'lib/plugins/authad/adLDAP/classes/adLDAPComputers.php') diff --git a/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php b/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php new file mode 100644 index 000000000..71b24a04f --- /dev/null +++ b/lib/plugins/authad/adLDAP/classes/adLDAPComputers.php @@ -0,0 +1,153 @@ +adldap = $adldap; + } + + /** + * Get information about a specific computer. Returned in a raw array format from AD + * + * @param string $computerName The name of the computer + * @param array $fields Attributes to return + * @return array + */ + public function info($computerName, $fields = NULL) + { + if ($computerName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $filter = "(&(objectClass=computer)(cn=" . $computerName . "))"; + if ($fields === NULL) { + $fields = array("memberof","cn","displayname","dnshostname","distinguishedname","objectcategory","operatingsystem","operatingsystemservicepack","operatingsystemversion"); + } + $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields); + $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr); + + return $entries; + } + + /** + * Find information about the computers. Returned in a raw array format from AD + * + * @param string $computerName The name of the computer + * @param array $fields Array of parameters to query + * @return mixed + */ + public function infoCollection($computerName, $fields = NULL) + { + if ($computerName === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + + $info = $this->info($computerName, $fields); + + if ($info !== false) { + $collection = new adLDAPComputerCollection($info, $this->adldap); + return $collection; + } + return false; + } + + /** + * Check if a computer is in a group + * + * @param string $computerName The name of the computer + * @param string $group The group to check + * @param bool $recursive Whether to check recursively + * @return array + */ + public function inGroup($computerName, $group, $recursive = NULL) + { + if ($computerName === NULL) { return false; } + if ($group === NULL) { return false; } + if (!$this->adldap->getLdapBind()) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // use the default option if they haven't set it + + //get a list of the groups + $groups = $this->groups($computerName, array("memberof"), $recursive); + + //return true if the specified group is in the group list + if (in_array($group, $groups)){ + return true; + } + + return false; + } + + /** + * Get the groups a computer is in + * + * @param string $computerName The name of the computer + * @param bool $recursive Whether to check recursively + * @return array + */ + public function groups($computerName, $recursive = NULL) + { + if ($computerName === NULL) { return false; } + if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } //use the default option if they haven't set it + if (!$this->adldap->getLdapBind()){ return false; } + + //search the directory for their information + $info = @$this->info($computerName, array("memberof", "primarygroupid")); + $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); //presuming the entry returned is our guy (unique usernames) + + if ($recursive === true) { + foreach ($groups as $id => $groupName){ + $extraGroups = $this->adldap->group()->recursiveGroups($groupName); + $groups = array_merge($groups, $extraGroups); + } + } + + return $groups; + } + +} +?> \ No newline at end of file -- cgit v1.2.3