mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Checking for groups now

Browse Source
This commit is contained in:
Falk Stern
2015-10-30 17:17:55 +01:00
parent 93b57040c5
commit 779c90b1fd
1 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
html/includes/authentication/active_directory.inc.php
View File

@@ -22,7 +22,29 @@ function authenticate($username, $password) {
if ($username && $ds) {
// bind with sAMAccountName instead of full LDAP DN
if (ldap_bind($ds, "{$username}@{$config['auth_ad_domain']}", $password)) {
return 1;
// group membership in one of the configured groups is required
if (isset($config['auth_ad_require_groupmembership']) &&
$config['auth_ad_require_groupmembership'] > 0) {
$search = ldap_search($ds, $config['auth_ad_base_dn'],
"(samaccountname={$username})", array('memberOf'));
$entries = ldap_get_entries($ds, $search);
$user_authenticated = 0;
foreach ($entries[0]['memberof'] as $entry) {
$group_cn = get_cn($entry);
if (isset($config['auth_ad_groups'][$group_cn]['level'])) {
// user is in one of the defined groups
$user_authenticated = 1;
}
}
return $user_authenticated;
} else {
// group membership is not required and user is valid
return 1;
};
} else {
return 0;
}