DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge 7a59a9b16a into f4f6dcb885

Browse source
This commit is contained in:
Katharina Drexel 2025-03-04 20:51:32 +00:00 committed by GitHub
parent f4f6dcb885 7a59a9b16a
commit 87e6f4ade4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 20 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
app/Models/Ldap.php
View file

@ -95,6 +95,7 @@ class Ldap extends Model
$connection = self::connectToLdap(); $connection = self::connectToLdap();
$ldap_username_field = $settings->ldap_username_field; $ldap_username_field = $settings->ldap_username_field;
$baseDn = $settings->ldap_basedn; $baseDn = $settings->ldap_basedn;
// userDn should *not* depend on baseDN if LDAP auth -> redeclared further down
$userDn = $ldap_username_field.'='.$username.','.$settings->ldap_basedn; $userDn = $ldap_username_field.'='.$username.','.$settings->ldap_basedn;
if ($settings->is_ad == '1') { if ($settings->is_ad == '1') {
@ -119,6 +120,25 @@ class Ldap extends Model
Log::debug('Filter query: '.$filterQuery); Log::debug('Filter query: '.$filterQuery);
// userDn should be independent from baseDn (maybe you want to search in >=2 subtrees)
// -> better ask LDAP for user dn, that's why it is for
if ($settings->is_ad != '1') {
$userresults = ldap_search($connection, $baseDn, $filterQuery);
$userentries = ldap_get_entries($connection, $userresults);
// Can be empty if user does not exist
if ( $userentries["count"] == 1 ) {
$dn = $userentries[0]['dn'];
if ( $dn ) {
\Log::debug('User dn is: ' .$dn);
$userDn = $dn;
} else {
\Log::debug('User dn is empty.');
}
} else {
\Log::debug('Status of LDAP entries for user ' .$username. ': ' .$userentries["count"]. ' result(s).');
}
}
if (! $ldapbind = @ldap_bind($connection, $userDn, $password)) { if (! $ldapbind = @ldap_bind($connection, $userDn, $password)) {
Log::debug("Status of binding user: $userDn to directory: (directly!) ".($ldapbind ? "success" : "FAILURE")); Log::debug("Status of binding user: $userDn to directory: (directly!) ".($ldapbind ? "success" : "FAILURE"));
if (! $ldapbind = self::bindAdminToLdap($connection)) { if (! $ldapbind = self::bindAdminToLdap($connection)) {