id); } else { // email check failed or is disabled - register new FUDforum user. $uent = new fud_user_reg; $uent->users_opt = -1; $uent->login = _esc($login); $uent->plaintext_passwd = $password; $uent->name = ucwords(strtolower($info[0]['cn'][0])); $uent->alias = _esc($login)." (".ucwords(strtolower($info[0]['cn'][0])).")"; $uent->email = $info[0]['mail'][0]; //$login .'@'. $ini['LDAP_HOST']; $uent->add_user(); } } dbg('REFRESH_ALIAS_DUMMY3'); $usr_d = db_sab('SELECT id, passwd, salt FROM '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users WHERE login='. _esc($login)); if ( !((empty($usr_d->salt) && $usr_d->passwd == md5($password)) || $usr_d->passwd == sha1($usr_d->salt . sha1($password)))) { // Sync password $salt = substr(md5(uniqid(mt_rand(), true)), 0, 9); $sec_pass = sha1($salt . sha1($password)); q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET passwd='. _esc($sec_pass) .', salt='. _esc($salt) .' WHERE id='. $usr_d->id); } // Sync user details, if enabled if (!empty($ini['LDAP_EMAIL'])) { q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET email='. _esc($info[0][ $ini['LDAP_EMAIL'] ][0]) .' WHERE login='. _esc($login)); } //wl: 20130706 David Kikl - Names + Alias style: "netxxx (Surename Gname)" if (!empty($ini['LDAP_NAME'])) { q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET name='. _esc(ucwords(strtolower($info[0][$ini['LDAP_NAME']][0]))) .' WHERE login='. _esc($login)); } if (!empty($ini['LDAP_ALIAS'])) { q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0][$ini['LDAP_NAME']][0])).")").' WHERE login='. _esc($login)); #dbg('REFRESH_ALIAS: UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0]['cn'][0])).")").' WHERE login='. _esc($login)); }//else dbg("REFRESH_ALIAS: empty ALIAS?"); return 1; // Allow access. dbg("REFRESH_ALIAS: ACCESS GRANTED"); } else { dbg("REFRESH_ALIAS: DENIEDDDDDDD..! $login != $ldap_login"); return 0; // Deny access. } ldap_close($connection); } function ldap_info() { return array('name' => 'LDAP Authentication', 'desc' => 'Authenticate forum users from an LDAP server. You probably want to disable "Allow Registration" and "Allow Password Resets" from the Global Settings Manager after enabling this plugin.
', 'cat' => 'Authentication', 'version' => '1.3-modified'); } function ldap_enable() { if (!extension_loaded('ldap')) { return array(null, 'You PHP installation doesn\'t support LDAP.'); // OK, Err. } return; // Good to go. } function ldap_config() { if((@include $GLOBALS['PLUGIN_PATH'] .'ldap/ldap.ini') === false) { $ini = NULL; } if (isset($_POST['Set'])) { foreach (array_keys($_POST) as $key) { if (substr($key,0,5) == 'LDAP_') { $ini[$key] = $_POST[$key]; } } // Array key from ldap_get_entries() must be lowercase. $ini['LDAP_UID'] = strtolower($ini['LDAP_UID']); $fp = fopen($GLOBALS['PLUGIN_PATH'] .'ldap/ldap.ini', 'w'); fwrite($fp, ''); fclose($fp); pf(successify('Settings successfully saved.')); } ?>

LDAP server URL:

(use ldap://<servername>:<port>/  for normal LDAP, or ldaps://<servername>:<port>/  for LDAP over SSL)

Enable TLS (Transport Layer Security) mode:

(do not enable this if using LDAP over SSL)

Is the LDAP server case insensitive (like Active Directory):

Proxy user (if required to bind via proxy):

Proxy password (if required to bind via proxy):

Look for usernames in namespace:

Property to query:

Comment: As administrators sets the Name Paramter this way: surename given-name

HARDCODED LDAP Attributes for forum user alias:
username (Surename Gname) (<- SURENAME GnAmE / surename GNAME / ect.)
(wl/dk alias)

HARDCODED LDAP Attributes for forum user real name:
Surename Gname (<- SURENAME GnAmE / surename GNAME / ect.)
(wl/dk alias)

LDAP Attribute for forum user email address:

(leave blank to use <login>@<ldap-server-name>  as forum user email address)

Check for existing user with this email address: