[Helpmeict-cvs] Import users from LDAP (Active Directory)changes..

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,
I don't know what the process of submitting changes is, so I thought I'd 
just send the changes to this list and if anyone thinks this code is 
useful then they can add it to the codebase.

What this does is add an "Import from LDAP" feature alongside the 
"Import from CSV" button. It then prompts for the servername, bind 
account and password. It then returns a list of users and imports them.

Heres the diff output from sitesandusers.php CVS version 1.22

I can provide the entire file if thats more useful?

Cheers
Dax
--------------------------------------------------------------------------------------
# diff sitesandusers.php ../helpdeskcvs/sitesandusers.php
63c63
<   global $act, $usertype, $message, $users, $is_pgsql, $iuds, $ldap, 
$lpass,$loginname, $ldapname, $ldapmail, $server, $basedn, $ds, $data;
---
 >   global $act, $usertype, $message, $users, $is_pgsql, $iuds, $ldap;
65a66
 >
131,138c132
<                'ldap',
<                'server',
<                'basedn',
<                'lname',
<                'lpass',
<                'loginname',
<                'ldapname',
<                'ldapmail',
---
 >                'ldap'
547,697d540
< // Dax Changes start here:
<   // Action: Import users from LDAP Action
<   if ($act == 'importldapaction') {
<    
<     if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) {
<       die("Failed to set protocol version to 3");
<     }
<
<     // Connect to LDAP server
<     if (!($connect=ldap_connect($server))) {
<       die("Could not connect to ldap server");
<     }
<    
<     if (!($bind=ldap_bind($connect, $lname, $lpass))) {
<       die("Unable to bind to server " .
<         "(invalid lookup username/password?)");
<      
<     }
<
<     // Lookup the details via LDAP
<    
<     $filter = "(&(objectClass=user)(".$loginname."=*))";
<    
<     if (!($search=ldap_search($connect, $basedn, $filter))) {
<       die("Unable to search ldap server.");
<     }
<    
<     $number_returned = ldap_count_entries($connect,$search);
<     $info = ldap_get_entries($connect, $search);
<    
<     if ($number_returned == 0) {
<       die("Search for user returned no results (Either the user doesn't"
<         . "exist or the lookup username does not have the"
<         . "required priviledges to search.");
<     }
<    
<     $act = '';
<     $row = 0;
<     $skippedrows = array();
<     $ignoredrows = array();
<     $insertedrows = array();
<     $importedrows = array();   
<     foreach ($info as $key2 => $rsts) {
<       if ($rsts[$ldapname][0]) {
<       $data[0] = $rsts[$ldapname][0];
<       }
<       if ($rsts[$loginname][0]) {
<       $data[1] = $rsts[$loginname][0];
<       }
<       $row++;
<       $num = count ($data);
<       if ($num != 3) {
<       $skippedrows[] = $row;
<       } else if (substr(strtolower(trim($data[1])), -9) == '{deleted}') {
<       $invalidusernamerows[] = $row;
<       } else {
<       $usersRS = db_recordset("SELECT * FROM tbl_Users WHERE 
\"username\"='" . addslashes(strtolower(trim($data[1]))) . "'");
<       if (count($usersRS) == 0) {
<         // Add user
<        
<         $data[0] = str_replace("'", "", $data[0] );
<
<         db_send("INSERT INTO tbl_Users 
(name,username,pass,available,email,ldap) VALUES 
('".trim($data[0])."','" . strtolower(trim($data[1])) . "','" . 
md5(strtolower(trim($data[1]))) . "',1,'" . trim($data[2]) . "',1)");
<                
<         $userset = db_recordset("SELECT currval('tbl_users_id_seq') AS 
val FROM tbl_Users;");
<         $user = $userset[0][val];
<        
<         db_send("INSERT INTO tbl_UserDomains 
(userid,domain,defaultflag) VALUES ($user,$_SESSION[_domain],1);");
<        
<         $insertedrows[] = $row;
<       } else {
<         $ignoredrows[] = $row;
<       }
<       }
<       $data = array();
<     }   
<    
<     if ((count($insertedrows)+count($importedrows))>0) {
<       $message = 'NOTE: ' . 
(count($insertedrows)+count($importedrows)) . ' users successfully 
imported.';
<     } else {
<       $message = 'NOTE: No users imported.';
<     }
<     $message .= '<br />&rsaquo; <strong> ' . $row . ' records found in 
file</strong>.';
<     if (count($skippedrows)>0) {
<       $message .= '<br />&rsaquo; <strong> ' . count($skippedrows) . ' 
malformed records were skipped</strong>.';
<     }
<     if (count($ignoredrows)>0) {
<       $message .= '<br />&rsaquo; <strong> ' . count($ignoredrows) . ' 
duplicate records were ignored</strong>.';
<     }
<     if (count($invalidusernamerows)>0) {
<       $message .= '<br />&rsaquo; <strong> ' . 
count($invalidusernamerows) . '
<         records with invalid usernames (i.e. with the suffix 
{deleted}) were
<         skipped</strong>.';
<     }
<  
<   }
<     // Action: Import users from LDAP
<     if ($act == 'importldap') {
<  
<     display($message);
< ?>
<      
<   <div class="maintitle">
<     <h1>Import Users</h1>
<   </div>
<   <div class="maindark">
<     <p>Upload user list from LDAP</p></div>
<   <div class="main">
<      <p>This will import all users defined in the organisational unit 
defined below, any users that already exist will be ignnored. The 
predefined values are suitable for Active Directory imports.
<     </p>
<     <form method="post">
<     <input type="hidden" name="act" value="importldapaction" />
<       <div class="labelfieldpair">
<         <div class="label"><label for="server">LDAP server:</label></div>
<         <div class="field"><input type="text" name="server" 
id="server" size="20" maxlength="40" value="ldapservername.domain.com" 
/></div>
<       </div>
<       <div class="labelfieldpair">
<         <div class="label"><label for="basedn">Base DN:</label></div>
<         <div class="field"><input type="text" name="basedn" 
id="basedn" size="20" maxlength="80" value="ou=Domain 
Users,dc=corp,dc=domain,dc=com" /></div>
<       </div>
<       <div class="labelfieldpair">
<         <div class="label"><label for="lname">Lookup 
Username:</label></div>
<         <div class="field"><input type="text" name="lname" id="lname" 
size="20" maxlength="40" value="search" /></div>
<       </div>
<       <div class="labelfieldpair">
<         <div class="label"><label for="lpass">Lookup 
Password:</label></div>
<         <div class="field"><input type="text" name="lpass" id="lpass" 
size="20" maxlength="40" value="" /></div>
<       </div>
<       <div class="labelfieldpair">
<         <div class="label"><label for="loginname">LDAP 
username:</label></div>
<         <div class="field"><input type="text" name="loginname" 
id="loginname" size="20" maxlength="40" value="samaccountname" /></div>
<       </div>
<       <div class="labelfieldpair">
<         <div class="label"><label for="ldapname">LDAP Full 
Name:</label></div>
<         <div class="field"><input type="text" name="ldapname" 
id="ldapname" size="20" maxlength="40" value="cn" /></div>
<       </div>
<       <div class="buttonpanel">
<         <input name="submit" type="submit" id="submit" value="Import!" />
<         <input name="reset" type="reset" id="reset" value="Reset" />
<         <input name="cancel" type="button" id="cancel" value="Cancel" 
onclick="document.location='sitesandusers.php'" />
<       </div>
<     </form>
<   </div>
<
< <?php
<                                                
<  
<   }
<
<   //Dax changes finish
<
783d625
<           <input type="button" value="From LDAP..." 
onclick="mainSubmit('importldap')" /><br />
[root@asu-apache-01 helpdesk]#