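/**
 * Open an LDAP v3 connection to $host and attempt a simple bind.
 *
 * Only the bind result is returned; the connection handle stays local to this
 * function, so it cannot be reused for later searches.
 *
 * Security notes:
 *  - A non-empty DN with an empty password is rejected before any network
 *    traffic. Many directory servers treat that combination as an
 *    "unauthenticated bind" and report success without checking a credential.
 *  - With a bare host name or an ldap:// URI, a simple bind sends the DN and
 *    the password unencrypted; prefer an ldaps:// URI or ldap_start_tls().
 *
 * @param string $host       LDAP host name or URI.
 * @param string $userDn     DN to bind as.
 * @param string $userPasswd Password for $userDn.
 * @return bool True when the bind succeeded, false otherwise.
 */
function connectLdap($host, $userDn, $userPasswd)
{
    // A named DN with no password must never count as a successful login.
    if ((string) $userDn !== '' && (string) $userPasswd === '') {
        return false;
    }

    $ds = ldap_connect($host);
    if (!$ds) {
        // ldap_connect() failed (e.g. malformed URI): nothing to bind on.
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

    // "@" keeps ldap_bind()'s warning out of the generated page; the failure
    // is still reported to the caller through the boolean result.
    return @ldap_bind($ds, $userDn, $userPasswd);
}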
// Example call: bind as the directory administrator.
// Host, DN and password are inline sample values, and the boolean result of
// the bind is discarded here. In a deployed script the bind password belongs
// in configuration kept outside the web root, not in a source literal.
connectLdap(
    "monserveur.com",
    "cn=admin,dc=univ-lehavre,dc=fr",
    "lemotdepasse"
);
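/**
 * List the entries found under $path, bound as $userDn.
 *
 * Echoes every attribute value of every entry as HTML ("name=value<br/>"),
 * then returns the first uid and cn value of each entry.
 *
 * @param string $host       LDAP host name or URI.
 * @param string $path       Base DN of the search.
 * @param string $userDn     DN to bind as.
 * @param string $userPasswd Password for $userDn.
 * @return array|string Rows of array("uid" => ..., "cn" => ...) (empty when
 *                      the search failed or matched nothing), or the string
 *                      "Erreur de connexion" when connecting or binding failed.
 */
function list_of_people($host, $path, $userDn, $userPasswd)
{
    // A named DN with an empty password is an "unauthenticated bind" that
    // many servers accept without checking anything: refuse it up front.
    if ((string) $userDn !== '' && (string) $userPasswd === '') {
        return "Erreur de connexion";
    }

    $ds = ldap_connect($host);
    if (!$ds) {
        return "Erreur de connexion";
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

    // The bind result must be checked as well: ldap_connect() normally hands
    // back a handle even when the later bind is refused, so testing the
    // handle alone lets the search run without the intended identity.
    $r = @ldap_bind($ds, $userDn, $userPasswd);
    if (!$r) {
        return "Erreur de connexion";
    }

    $res = array();

    $sr = ldap_search($ds, $path, "objectclass=*");
    if ($sr === false) {
        return $res;
    }
    $info = ldap_get_entries($ds, $sr);
    if (!is_array($info)) {
        return $res;
    }

    // Print all the data.
    // NOTE(review): this dump shows every attribute the bound DN can read;
    // bound as an administrator that includes userPassword. Consider removing
    // it or passing an explicit attribute list to ldap_search().
    foreach ($info as $entry) {
        if (!is_array($entry)) {
            continue;
        }
        foreach ($entry as $attribute => $values) {
            if (!is_array($values)) {
                continue;
            }
            foreach ($values as $value) {
                // Directory values are not trusted HTML: escape before output.
                echo htmlspecialchars((string) $attribute, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . "="
                    . htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . "<br/>";
            }
        }
    }

    // Return a subset of the data.
    for ($i = 0; $i < $info["count"]; $i++) {
        // An entry is not guaranteed to carry uid or cn.
        $res[$i]["uid"] = isset($info[$i]["uid"][0]) ? $info[$i]["uid"][0] : null;
        $res[$i]["cn"] = isset($info[$i]["cn"][0]) ? $info[$i]["cn"][0] : null;
    }

    return $res;
}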
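// Example call: list the entries under ou=users, bound as the administrator.
// The statement terminator was missing, which is a parse error as soon as
// any other code follows this line.
list_of_people(
    "monserveur.com",
    "ou=users,ou=iut,dc=univ-lehavre,dc=fr",
    "cn=admin,dc=univ-lehavre,dc=fr",
    "motdepasse"
);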
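/**
 * Fetch the POSIX account attributes of one entry.
 *
 * Searches from $uidPerson (used as the search base) and reads the first
 * entry returned.
 *
 * NOTE(review): the result includes the stored userPassword value. Callers
 * should never print or log it; drop the key if no caller needs it.
 *
 * @param string $host       LDAP host name or URI.
 * @param string $uidPerson  DN used as the base of the search.
 * @param string $rootdn     DN to bind as.
 * @param string $rootpasswd Password for $rootdn.
 * @return array|string Attribute map (empty when nothing was found), or the
 *                      string "Erreur de connexion" when connecting or
 *                      binding failed.
 */
function show_a_person2($host, $uidPerson, $rootdn, $rootpasswd)
{
    // A named DN with an empty password is an "unauthenticated bind" that
    // many servers accept without checking anything: refuse it up front.
    if ((string) $rootdn !== '' && (string) $rootpasswd === '') {
        return "Erreur de connexion";
    }

    $ds = ldap_connect($host);
    if (!$ds) {
        return "Erreur de connexion";
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

    // Bind with the $rootpasswd parameter. The earlier code passed an
    // undefined variable, i.e. no password at all, so the bind never
    // authenticated as $rootdn.
    $r = @ldap_bind($ds, $rootdn, $rootpasswd);
    if (!$r) {
        return "Erreur de connexion";
    }

    $res = array();

    $sr = ldap_search($ds, $uidPerson, "objectclass=*");
    if ($sr === false) {
        return $res;
    }
    $info = ldap_get_entries($ds, $sr);

    // ldap_get_entries() always adds a "count" key, so count($info) is never
    // zero; the number of entries is $info["count"].
    if (is_array($info) && $info["count"] > 0) {
        $entry = $info[0];
        $wanted = array(
            "cn",
            "gecos",
            "gidnumber",
            "homedirectory",
            "loginshell",
            "uid",
            "uidnumber",
            "userpassword",
        );
        foreach ($wanted as $attribute) {
            // Not every entry carries every attribute.
            $res[$attribute] = isset($entry[$attribute][0]) ? $entry[$attribute][0] : null;
        }
    }

    return $res;
}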
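/*
 * Add a person to the LDAP directory.
 *
 * Builds an account/posixAccount entry under
 * ou=people,ou=iut,ou=univ-lehavre,dc=fr and returns the LDAP status text of
 * the operation ("Success" when the entry was added). Returns null when no
 * connection handle could be created.
 */
function ldapAddUser($login, $clearpass, $loginshell, $gidnumber, $uidnumber, $homedirectory)
{
    // Placeholders: set the server and the account allowed to add entries.
    // Left empty, the bind below is anonymous.
    $host = "";
    $rootdn = "";
    $rootpasswd = "";

    $ds = ldap_connect($host);
    if (!$ds) {
        return null;
    }

    // Same protocol version as the other helpers in this file.
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

    // Stop on a failed bind instead of attempting the add without the
    // intended identity.
    if (!ldap_bind($ds, $rootdn, $rootpasswd)) {
        $res = ldap_err2str(ldap_errno($ds));
        ldap_close($ds);
        return $res;
    }

    $info = array();
    $info["uid"] = $login;
    $info["cn"] = $login;
    $info["objectClass"][0] = "account";
    $info["objectClass"][1] = "posixAccount";
    $info["objectClass"][2] = "top";
    $info["userPassword"] = "{crypt}" . constructPass($clearpass);
    $info["loginShell"] = $loginshell;
    $info["uidNumber"] = $uidnumber;
    $info["gidNumber"] = $gidnumber;
    $info["homeDirectory"] = $homedirectory;

    // The login becomes part of the DN: escape it so characters such as ","
    // "+" or "=" cannot change the DN's structure.
    $dn = "uid=" . ldap_escape($login, "", LDAP_ESCAPE_DN) . ",ou=people,ou=iut,ou=univ-lehavre,dc=fr";

    ldap_add($ds, $dn, $info);
    $res = ldap_err2str(ldap_errno($ds));
    ldap_close($ds);

    return $res;
}

/**
 * Generate a random alphanumeric salt of $length characters.
 *
 * Characters are drawn independently with random_int(), so any length is
 * honoured and characters may repeat.
 */
function generateSalt($length)
{
    $alphabet = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    $last = strlen($alphabet) - 1;
    $wanted = (int) $length;

    $salt = "";
    for ($i = 0; $i < $wanted; $i++) {
        $salt .= $alphabet[random_int(0, $last)];
    }

    return $salt;
}

/**
 * Hash a clear-text password with crypt() and a fresh 8-character salt.
 *
 * NOTE(review): the "$1$" prefix selects MD5-crypt, which is cheap to
 * brute-force. It is kept so the stored format does not change silently;
 * move to a stronger scheme (e.g. "$6$", SHA-512 crypt) once the directory
 * server's {crypt} support for it has been confirmed.
 */
function constructPass($text)
{
    return crypt($text, '$1$' . generateSalt(8));
}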
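// Login form handler: on POST with f_submit set, check the credentials with
// authLdap() (defined elsewhere) and open a session on success.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (isset($_POST['f_submit'])) {
        // Accept plain strings only; a missing field or an array value
        // (login[]=...) is treated as empty.
        $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
        $passwd = (isset($_POST['passwd']) && is_string($_POST['passwd'])) ? $_POST['passwd'] : '';

        // Empty credentials never reach the directory. If authLdap() performs
        // a simple bind (not visible here), an empty password would be an
        // "unauthenticated bind" that many servers report as successful.
        $res = ($login !== '' && $passwd !== '') ? authLdap($login, $passwd) : false;

        if ($res) {
            // Create a session.
            session_start();
            // Issue a fresh session id at login so an id set before
            // authentication (session fixation) is not carried over.
            session_regenerate_id(true);
            $_SESSION['login'] = $login;
            header('Location:index.php');
            exit;
        } else {
            echo "identifiant ou mot de passe incorrect";
        }
    }
} else {
    // default code
}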
# Deletes every olcAccess value from the frontend database and from
# database {1}hdb.
# NOTE(review): with no olcAccess rules left, slapd is expected to fall back
# to its default policy, which grants read access to all clients, anonymous
# ones included - confirm against your slapd version. Attributes such as
# userPassword would then be readable without authentication, so add
# restrictive rules back right after applying this change.
dn: olcDatabase={-1}frontend,cn=config
changetype: modify
delete: olcAccess

dn: olcDatabase={1}hdb,cn=config
changetype: modify
delete: olcAccess