#9894 Fixed ldap_search
This commit is contained in:
parent
38259c9f8d
commit
1ffac9bc80
|
@ -250,9 +250,9 @@ function process_user_login_remote($login, $pass, $api=false)
|
|||
{
|
||||
global $config, $mysql_cache;
|
||||
|
||||
// Remote authentication
|
||||
// Remote authentication.
|
||||
switch ($config['auth']) {
|
||||
// LDAP
|
||||
// LDAP.
|
||||
case 'ldap':
|
||||
$sr = ldap_process_user_login($login, $pass);
|
||||
// Try with secondary server if not login.
|
||||
|
@ -265,7 +265,7 @@ function process_user_login_remote($login, $pass, $api=false)
|
|||
}
|
||||
break;
|
||||
|
||||
// Active Directory
|
||||
// Active Directory.
|
||||
case 'ad':
|
||||
if (enterprise_hook('ad_process_user_login', [$login, $pass]) === false) {
|
||||
$config['auth_error'] = 'User not found in database or incorrect password';
|
||||
|
@ -273,7 +273,7 @@ function process_user_login_remote($login, $pass, $api=false)
|
|||
}
|
||||
break;
|
||||
|
||||
// Remote Pandora FMS
|
||||
// Remote Pandora FMS.
|
||||
case 'pandora':
|
||||
if (enterprise_hook('remote_pandora_process_user_login', [$login, $pass]) === false) {
|
||||
$config['auth_error'] = 'User not found in database or incorrect password';
|
||||
|
@ -281,7 +281,7 @@ function process_user_login_remote($login, $pass, $api=false)
|
|||
}
|
||||
break;
|
||||
|
||||
// Remote Integria
|
||||
// Remote Integria.
|
||||
case 'integria':
|
||||
if (enterprise_hook('remote_integria_process_user_login', [$login, $pass]) === false) {
|
||||
$config['auth_error'] = 'User not found in database or incorrect password';
|
||||
|
@ -289,7 +289,7 @@ function process_user_login_remote($login, $pass, $api=false)
|
|||
}
|
||||
break;
|
||||
|
||||
// Unknown authentication method
|
||||
// Unknown authentication method.
|
||||
default:
|
||||
$config['auth_error'] = 'User not found in database or incorrect password';
|
||||
return false;
|
||||
|
@ -303,7 +303,7 @@ function process_user_login_remote($login, $pass, $api=false)
|
|||
}
|
||||
}
|
||||
|
||||
// Authentication ok, check if the user exists in the local database
|
||||
// Authentication ok, check if the user exists in the local database.
|
||||
if (is_user($login)) {
|
||||
if (!user_can_login($login) && $api === false) {
|
||||
return false;
|
||||
|
@ -370,10 +370,10 @@ function process_user_login_remote($login, $pass, $api=false)
|
|||
return $login;
|
||||
}
|
||||
|
||||
// The user does not exist and can not be created
|
||||
// The user does not exist and can not be created.
|
||||
if ($config['autocreate_remote_users'] == 0 || is_user_blacklisted($login)) {
|
||||
$config['auth_error'] = __(
|
||||
'Ooops User not found in
|
||||
'Ooops User not found in
|
||||
database or incorrect password'
|
||||
);
|
||||
|
||||
|
@ -967,6 +967,12 @@ function ldap_process_user_login($login, $password, $secondary_server=false)
|
|||
|
||||
$sr = ldap_search($ds, io_safe_output($ldap['ldap_base_dn']), $filter);
|
||||
|
||||
if (empty($sr) === true) {
|
||||
$config['auth_error'] = 'ldap search failed';
|
||||
@ldap_close($ds);
|
||||
return false;
|
||||
}
|
||||
|
||||
$memberof = ldap_get_entries($ds, $sr);
|
||||
|
||||
if ($memberof['count'] == 0 && !isset($memberof[0]['memberof'])) {
|
||||
|
|
Loading…
Reference in New Issue