Updated active directory auth to support dashboards

daily.php

@@ -121,6 +121,9 @@ if ($options['f'] === 'purgeusers') {
     if (is_numeric($config['radius']['users_purge']) && $config['auth_mechanism'] === 'radius') {
         $purge = $config['radius']['users_purge'];
     }
+    if (is_numeric($config['active_directory']['users_purge']) && $config['auth_mechanism'] === 'active_directory') {
+        $purge = $config['active_directory']['users_purge'];
+    }
     if ($purge > 0) {
         foreach (dbFetchRows("SELECT DISTINCT(`user`) FROM `authlog` WHERE `datetime` >= DATE_SUB(NOW(), INTERVAL ? DAY)", array($purge)) as $user) {
             $users[] = $user['user'];

doc/Extensions/Authentication.md

@@ -116,6 +116,9 @@ If you have issues with secure LDAP try setting `$config['auth_ad_check_certific
 
 If you set ```$config['auth_ad_require_groupmembership']``` to 1, the authenticated user has to be a member of the specific group. Otherwise all users can authenticate, but are limited to user level 0 and only have access to shared dashboards. 
 
+> Cleanup of old accounts is done using the authlog. You will need to set the cleanup date for when old accounts will be purged which will happen AUTOMATICALLY.
+> Please ensure that you set the $config['authlog_purge'] value to be greater than $config['active_directory]['users_purge'] otherwise old users won't be removed.
+
 ##### Sample configuration
 
 ```
@@ -126,6 +129,7 @@ $config['auth_ad_base_dn'] = "dc=your-domain,dc=com";
 $config['auth_ad_groups']['admin']['level'] = 10;
 $config['auth_ad_groups']['pfy']['level']   = 7;
 $config['auth_ad_require_groupmembership']  = 0;
+$config['active_directory']['users_purge']  = 14;//Purge users who haven't logged in for 14 days.
 ```
 
 #### Radius Authentication

html/includes/authentication/active_directory.inc.php

@@ -86,7 +86,9 @@ function auth_usermanagement() {
 function adduser($username) {
     // Check to see if user is already added in the database
     if (!user_exists_in_db($username)) {
-        $userid = dbInsert(array('username' => $username, 'user_id' => get_userid($username), 'level' => "0", 'can_modify_passwd' => 0, 'twofactor' => 0), 'users');
+        $hasher    = new PasswordHash(8, false);
+        $encrypted = $hasher->HashPassword($password);
+        $userid = dbInsert(array('username' => $username, 'password' => $encrypted, 'realname' => $realname, 'email' => $email, 'descr' => $description, 'level' => 0, 'can_modify_passwd' => $can_modify_passwd, 'twofactor' => $twofactor, 'user_id' => get_userid($username)), 'users');
         if ($userid == false) {
             return false;
         }
@@ -162,8 +164,12 @@ function get_userid($username) {
 
 
 function deluser() {
-    // not supported so return 0 
-    return 0;
+    dbDelete('bill_perms', '`user_name` =  ?', array($username));
+    dbDelete('devices_perms', '`user_name` =  ?', array($username));
+    dbDelete('ports_perms', '`user_name` =  ?', array($username));
+    dbDelete('users_prefs', '`user_name` =  ?', array($username));
+    dbDelete('users', '`user_name` =  ?', array($username));
+    return dbDelete('users', '`username` =  ?', array($username));
 }
 
 
@@ -221,14 +227,12 @@ function can_update_users() {
 
 function get_user($user_id) {
     // not supported so return 0
-    return 0;
+    return dbFetchRow('SELECT * FROM `users` WHERE `user_id` = ?', array($user_id), true);
 }
 
 
 function update_user($user_id, $realname, $level, $can_modify_passwd, $email) {
-    // not supported so return 0 
-    return 0;
-
+    dbUpdate(array('realname' => $realname, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
 }