Project

General

Profile

ldap-rfc2307.diff

Jim Pingle, 08/12/2015 03:25 PM

View differences:

etc/inc/auth.inc
919 919
                $ldapauthcont       = $authcfg['ldap_authcn'];
920 920
                $ldapnameattribute  = strtolower($authcfg['ldap_attr_user']);
921 921
                $ldapgroupattribute  = strtolower($authcfg['ldap_attr_member']);
922
                $ldapfilter         = "({$ldapnameattribute}={$username})";
922
                $ldapfilter         = "(&(objectClass=posixGroup)({$ldapgroupattribute}={$username}))";
923 923
                $ldaptype           = "";
924 924
                $ldapver            = $authcfg['ldap_protver'];
925 925
		if (empty($ldapbindun) || empty($ldapbindpw))
......
932 932
	} else
933 933
		return false;
934 934

  
935
	$ldapdn             = $_SESSION['ldapdn'];
935
	$ldapdn             = $ldapbasedn;
936 936

  
937 937
	/*Convert attribute to lowercase.  php ldap arrays put everything in lowercase */
938 938
	$ldapgroupattribute = strtolower($ldapgroupattribute);
......
983 983
	$info      = @ldap_get_entries($ldap, $search);
984 984

  
985 985
	$countem = $info["count"];	
986
	
987
	if(is_array($info[0][$ldapgroupattribute])) {
986

  
987
	if(is_array($info)) {
988 988
		/* Iterate through the groups and throw them into an array */
989
		foreach ($info[0][$ldapgroupattribute] as $member) {
990
			if (stristr($member, "CN=") !== false) {
991
				$membersplit = explode(",", $member);
989
		foreach ($info as $group) {
990
			if (stristr($group["dn"], "CN=") !== false) {
991
				$membersplit = explode(",", $group["dn"]);
992 992
				$memberof[] = preg_replace("/CN=/i", "", $membersplit[0]);
993 993
			}
994 994
		}