mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add support for LDAP directories using member in stead of memberUid and dn in stead of username for group members.

Browse Source 
Used the same variables as Observium, see http://www.observium.org/wiki/Authentication_modules#OpenLDAP
This commit is contained in:
Ultra2D
2015-04-01 16:10:50 +02:00
parent 74badf86de
commit 0ab454fefc
2 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
html/includes/authentication/ldap.inc.php
View File

@@ -30,7 +30,7 @@ function authenticate($username,$password)
}
else
{
if (ldap_compare($ds,$config['auth_ldap_group'],'memberUid',$username))
if (ldap_compare($ds,$config['auth_ldap_group'], $config['auth_ldap_groupmemberattr'],get_membername($username))===true)
{
return 1;
}
@@ -97,7 +97,7 @@ function get_userlevel($username)
$userlevel = 0;
# Find all defined groups $username is in
$filter = "(&(|(cn=" . join(")(cn=", array_keys($config['auth_ldap_groups'])) . "))(memberUid=" . $username . "))";
$filter = "(&(|(cn=" . join(")(cn=", array_keys($config['auth_ldap_groups'])) . "))(". $config['auth_ldap_groupmemberattr']. "=" . get_membername($username) . "))";
$search = ldap_search($ds, $config['auth_ldap_groupbase'], $filter);
$entries = ldap_get_entries($ds, $search);
@@ -154,7 +154,7 @@ function get_userlist()
$realname = $entry['cn'][0];
$user_id = $entry['uidnumber'][0];
if (!isset($config['auth_ldap_group']) || ldap_compare($ds,$config['auth_ldap_group'],'memberUid',$username))
if (!isset($config['auth_ldap_group']) || ldap_compare($ds,$config['auth_ldap_group'],$config['auth_ldap_groupmemberattr'],get_membername($username))===true)
{
$userlist[] = array('username' => $username, 'realname' => $realname, 'user_id' => $user_id);
}
@@ -182,4 +182,18 @@ function update_user($user_id,$realname,$level,$can_modify_passwd,$email)
return 0;
}
function get_membername ($username)
{
global $config;
if ($config['auth_ldap_groupmembertype'] == "fulldn")
{
$membername = $config['auth_ldap_prefix'] . $username . $config['auth_ldap_suffix'];
}
else
{
$membername = $username;
}
return $membername;
}
?>

1
includes/defaults.inc.php
View File

@@ -416,6 +416,7 @@ $config['auth_ldap_groupbase'] = "ou=group,dc=example,dc=com";
$config['auth_ldap_groups']['admin']['level'] = 10;
$config['auth_ldap_groups']['pfy']['level'] = 7;
$config['auth_ldap_groups']['support']['level'] = 1;
$config['auth_ldap_groupmemberattr'] = "memberUid";
// Sensors