Commit b234d36f authored by Franco Fichtner's avatar Franco Fichtner

ldap: further tweaks according to user feedback

Puts LDAP back into its supposed working state.
parent 340da972
...@@ -126,17 +126,28 @@ class LDAP implements IAuthConnector ...@@ -126,17 +126,28 @@ class LDAP implements IAuthConnector
{ {
$result = false; $result = false;
if ($this->ldapHandle != null) { if ($this->ldapHandle != null) {
// if we're looking at multple dn's, split and combine output $searchpaths = array();
if (!empty($this->ldapAuthcontainers)) { if (!empty($this->ldapAuthcontainers)) {
$searchpaths = $this->ldapAuthcontainers; /* prepend each authentication container */
foreach (explode(';', $this->ldapAuthcontainers) as $container) {
$searchpath = array();
if (!empty($container)) {
$searchpath[] = $container;
}
if (!empty($this->baseSearchDN)) {
$searchpath[] = $this->baseSearchDN;
}
$searchpaths[] = implode(',', $searchpath);
}
} else { } else {
$searchpaths = $this->baseSearchDN; /* use a single base DN */
$searchpaths[] = $this->baseSearchDN;
} }
foreach (explode(";", $searchpaths) as $baseDN) { foreach ($searchpaths as $baseDN) {
if ($this->ldapScope == "one") { if ($this->ldapScope == 'one') {
$sr=@ldap_list($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr); $sr = @ldap_list($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr);
} else { } else {
$sr=@ldap_search($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr); $sr = @ldap_search($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr);
} }
if ($sr !== false) { if ($sr !== false) {
$info = @ldap_get_entries($this->ldapHandle, $sr); $info = @ldap_get_entries($this->ldapHandle, $sr);
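Review bot: An empty segment in `$this->ldapAuthcontainers` (a trailing or doubled `;`) makes the new container loop build a search path from `$this->baseSearchDN` alone, so that iteration searches the whole base DN, and with any scope other than `one` this lets entries outside the configured authentication containers match. Skipping such segments at the top of the loop keeps the restriction intact: `$container = trim($container); if ($container === '') { continue; }`. The loop also always appends `baseSearchDN`, so a container already stored as a full DN would get the base appended a second time; whether that form is accepted elsewhere is not visible here and is worth confirming. The `@` on `ldap_list`/`ldap_search` would hide the resulting errors, and the enclosing method starts and ends outside this hunk.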
......
...@@ -205,7 +205,7 @@ ...@@ -205,7 +205,7 @@
<displayname>User Naming Attribute</displayname> <displayname>User Naming Attribute</displayname>
<type>input</type> <type>input</type>
<bindstofield>ovpnserver->step2->nameattr</bindstofield> <bindstofield>ovpnserver->step2->nameattr</bindstofield>
<description>Typically "cn" (OpenLDAP, Novell eDirectory), "samAccountName" (Microsoft AD)</description> <description>Typically "cn" (OpenLDAP, Novell eDirectory), "sAMAccountName" (Microsoft AD)</description>
</field> </field>
<field> <field>
<name>groupattr</name> <name>groupattr</name>
......
...@@ -333,7 +333,7 @@ $( document ).ready(function() { ...@@ -333,7 +333,7 @@ $( document ).ready(function() {
$("#ldap_attr_user").val('cn'); $("#ldap_attr_user").val('cn');
break; break;
case 'msad': case 'msad':
$("#ldap_attr_user").val('samAccountName'); $("#ldap_attr_user").val('sAMAccountName');
break; break;
} }
}); });
...@@ -604,9 +604,12 @@ endif; ?> ...@@ -604,9 +604,12 @@ endif; ?>
<?php <?php
endif; ?> endif; ?>
<tr class="auth_ldap auth_options hidden"> <tr class="auth_ldap auth_options hidden">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("User naming attribute");?></td> <td><a id="help_for_ldap_attr_user" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("User naming attribute");?></td>
<td> <td>
<input name="ldap_attr_user" type="text" id="ldap_attr_user" size="20" value="<?=$pconfig['ldap_attr_user'];?>"/> <input name="ldap_attr_user" type="text" id="ldap_attr_user" size="20" value="<?=$pconfig['ldap_attr_user'];?>"/>
<div class="hidden" for="help_for_ldap_attr_user">
<?= gettext('Typically "cn" (OpenLDAP, Novell eDirectory), "sAMAccountName" (Microsoft AD)') ?>
</div>
</td> </td>
</tr> </tr>
<!-- RADIUS --> <!-- RADIUS -->
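Review bot: The `ldap_attr_user` input next to the new help block still prints `$pconfig['ldap_attr_user']` into its `value` attribute without HTML escaping. Where `$pconfig` is filled from is not visible in this hunk, but if it can carry submitted form data, a double quote in the value ends the attribute and the rest is parsed as markup. Escaping at output closes that: `value="<?= htmlspecialchars($pconfig['ldap_attr_user'], ENT_QUOTES, 'UTF-8') ?>"`. The surrounding table starts and ends outside the hunk.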
......