fix AD implementation to use objectGUID instead of not available standard entryUUID

ralf 2024-08-20 11:04:20 +02:00
parent b6e00c9ae0
commit b294b5f999


@ -113,7 +113,7 @@ class Ads
* @var array * @var array
*/ */
protected static $default_attributes = array( protected static $default_attributes = array(
'objectsid', 'samaccounttype', 'samaccountname', 'entryuuid', 'objectsid', 'samaccounttype', 'samaccountname', 'objectguid',
); );
/** /**
@ -122,7 +122,7 @@ class Ads
* @var array * @var array
*/ */
protected static $user_attributes = array( protected static $user_attributes = array(
'objectsid', 'samaccounttype', 'samaccountname', 'entryuuid', 'objectsid', 'samaccounttype', 'samaccountname',
'primarygroupid', 'givenname', 'sn', 'mail', 'displayname', 'telephonenumber', 'primarygroupid', 'givenname', 'sn', 'mail', 'displayname', 'telephonenumber',
'objectguid', 'useraccountcontrol', 'accountexpires', 'pwdlastset', 'whencreated', 'whenchanged', 'lastlogon', 'objectguid', 'useraccountcontrol', 'accountexpires', 'pwdlastset', 'whencreated', 'whenchanged', 'lastlogon',
'jpegphoto', 'jpegphoto',
@ -134,7 +134,7 @@ class Ads
* @var array * @var array
*/ */
protected static $group_attributes = array( protected static $group_attributes = array(
'objectsid', 'samaccounttype', 'samaccountname', 'entryuuid', 'objectsid', 'samaccounttype', 'samaccountname',
'objectguid', 'mail', 'whencreated', 'whenchanged', 'description', 'objectguid', 'mail', 'whencreated', 'whenchanged', 'description',
); );
@ -157,6 +157,13 @@ class Ads
*/ */
public static $debug = false; public static $debug = false;
/**
* ADS is Samba4 (true), otherwise false
*
* @var boolean
*/
public bool $is_samba4 = false;
/** /**
* Constructor * Constructor
* *
@ -170,6 +177,7 @@ class Ads
$this->adldap = self::get_adldap($this->frontend->config); $this->adldap = self::get_adldap($this->frontend->config);
$this->serverinfo = ServerInfo::get($this->ldap_connection(), $this->frontend->config['ads_host']); $this->serverinfo = ServerInfo::get($this->ldap_connection(), $this->frontend->config['ads_host']);
$this->is_samba4 = $this->serverinfo->serverType == Api\Ldap\ServerInfo::SAMBA4;
} }
/** /**
@ -463,7 +471,7 @@ class Ads
* Convert a string GUID to hex string used in filter * Convert a string GUID to hex string used in filter
* *
* @param string $strGUID * @param string $strGUID
* @return int * @return string
*/ */
public function objectguid2hex($strGUID) public function objectguid2hex($strGUID)
{ {
@ -565,10 +573,9 @@ class Ads
$group = array( $group = array(
'account_dn' => $data['dn'], 'account_dn' => $data['dn'],
'account_uuid' => $data['entryuuid'][0],
'account_id' => $account_id, 'account_id' => $account_id,
'account_sid' => $sid, 'account_sid' => $sid,
'account_guid' => $this->adldap->utilities()->decodeGuid($data['objectguid'][0]), 'account_uuid' => $this->adldap->utilities()->decodeGuid($data['objectguid'][0]),
'account_lid' => $data['samaccountname'][0], 'account_lid' => $data['samaccountname'][0],
'account_type' => 'g', 'account_type' => 'g',
'account_firstname' => $data['samaccountname'][0], 'account_firstname' => $data['samaccountname'][0],
@ -645,10 +652,9 @@ class Ads
$user = array( $user = array(
'account_dn' => $data['dn'], 'account_dn' => $data['dn'],
'account_uuid' => $data['entryuuid'][0],
'account_id' => $account_id, 'account_id' => $account_id,
'account_sid' => $sid, 'account_sid' => $sid,
'account_guid' => $this->adldap->utilities()->decodeGuid($data['objectguid'][0]), 'account_uuid' => $this->adldap->utilities()->decodeGuid($data['objectguid'][0]),
'account_lid' => $data['samaccountname'][0], 'account_lid' => $data['samaccountname'][0],
'account_type' => 'u', 'account_type' => 'u',
'account_primary_group' => (string)-$data['primarygroupid'][0], 'account_primary_group' => (string)-$data['primarygroupid'][0],
@ -676,7 +682,7 @@ class Ads
{ {
$user['account_status'] = false; $user['account_status'] = false;
} }
$user['person_id'] = $user['account_guid']; // id of contact $user['person_id'] = $user['account_uuid']; // id of contact
//error_log(__METHOD__."(".array2string($data).") returning ".array2string($user)); //error_log(__METHOD__."(".array2string($data).") returning ".array2string($user));
return $user; return $user;
} }
@ -1285,6 +1291,10 @@ class Ads
{ {
foreach($attr_filter as $attr => $value) foreach($attr_filter as $attr => $value)
{ {
if ($attr === 'objectguid' && !$this->is_samba4)
{
$value = $this->objectguid2hex($value);
}
$filter .= '('.$attr.'='.$this->adldap->utilities()->ldapSlashes($value).')'; $filter .= '('.$attr.'='.$this->adldap->utilities()->ldapSlashes($value).')';
} }
} }
@ -1328,8 +1338,7 @@ class Ads
'account_email' => 'mail', 'account_email' => 'mail',
'account_fullname' => 'cn', 'account_fullname' => 'cn',
'account_sid' => 'objectsid', 'account_sid' => 'objectsid',
'account_guid' => 'objectguid', 'account_uuid' => 'objectguid',
'account_uuid' => 'entryuuid',
'account_dn' => 'dn', 'account_dn' => 'dn',
); );
$ret = false; $ret = false;
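Review bot: In the filter-building hunk (`@ -1285,6 +1291,10`), the result of `objectguid2hex()` is still passed through `ldapSlashes()` on the following line; if `objectguid2hex()` returns the backslash-escaped octet form its docblock suggests (its body is not on this page, so this is inferred), the escaper may re-encode those backslashes and the `objectguid` filter would then match nothing on a non-Samba AD. One way to avoid that is to append the converted value directly inside the new branch, `$filter .= '('.$attr.'='.$this->objectguid2hex($value).')'; continue;`, so only unconverted values go through `ldapSlashes()`. That is only safe if `$value` is first checked to be a well-formed GUID string, and a malformed value should be rejected rather than having its condition dropped, since dropping it would widen the search. The enclosing method starts and ends outside the hunk, so where `$attr_filter` comes from is not visible here. Separately, `account_guid` is removed from the group and user arrays and from the attribute map, so any caller outside this page that still reads or filters on `account_guid` should be checked.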