1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 10:12:41 +01:00

Add active-directory domain-based ldap authentication support

Summary: Add active-directory domain-based ldap authentication support

Test Plan: Tested on a live install against Active Directory on a Windows Server

Reviewers: epriestley

CC: aran, epriestley

Maniphest Tasks: T1496

Differential Revision: https://secure.phabricator.com/D2966
This commit is contained in:
Avishay Lavie 2012-07-13 15:16:16 +03:00
parent 241c810916
commit 226cf288e9
2 changed files with 16 additions and 4 deletions

View file

@ -604,6 +604,10 @@ return array(
// the array will be joined // the array will be joined
'ldap.real_name_attributes' => array(), 'ldap.real_name_attributes' => array(),
// A domain name to use when authenticating against Active Directory
// (e.g. 'example.com')
'ldap.activedirectory_domain' => '',
// The LDAP version // The LDAP version
'ldap.version' => 3, 'ldap.version' => 3,

View file

@ -111,10 +111,17 @@ final class PhabricatorLDAPProvider {
throw new Exception('Username and/or password can not be empty'); throw new Exception('Username and/or password can not be empty');
} }
$result = ldap_bind($this->getConnection(), $activeDirectoryDomain =
$this->getSearchAttribute() . '=' . $username . ',' . PhabricatorEnv::getEnvConfig('ldap.activedirectory_domain');
$this->getBaseDN(),
$password); if ($activeDirectoryDomain) {
$dn = $username . '@' . $activeDirectoryDomain;
} else {
$dn = $this->getSearchAttribute() . '=' . $username . ',' .
$this->getBaseDN();
}
$result = ldap_bind($this->getConnection(), $dn, $password);
if (!$result) { if (!$result) {
throw new Exception('Bad username/password.'); throw new Exception('Bad username/password.');
@ -176,6 +183,7 @@ final class PhabricatorLDAPProvider {
for($i = 0; $i < $entries['count']; $i++) { for($i = 0; $i < $entries['count']; $i++) {
$row = array(); $row = array();
$entry = $entries[$i]; $entry = $entries[$i];
// Get username, email and realname // Get username, email and realname
$username = $entry[$this->getSearchAttribute()][0]; $username = $entry[$this->getSearchAttribute()][0];
if(empty($username)) { if(empty($username)) {