Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Sync rfc2307 group membership from LDAP

Browse Source 
With rfc2307 LDAP scheme, group members are listed in the memberUid attribute, as simple uid, not as full DN like rfc2307bis, or AD-style groups
This commit is contained in:
Daniel Berteaud 2018-06-21 10:21:18 +02:00
parent cfcedc1170
commit f4bfd8704d
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
scripts/user/sync_groups_ldap2dolibarr.php
View File

@ -186,8 +186,13 @@ if ($result >= 0)
foreach($ldapgroup[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] as $key => $userdn) {
if($key === 'count') continue;
if(empty($userList[$userdn])) { // Récupération de l'utilisateur
$userFilter = explode(',', $userdn);
$userKey = $ldap->getAttributeValues('('.$userFilter[0].')', $conf->global->LDAP_KEY_USERS);
// Schéma rfc2307: les membres sont listés dans l'attribut memberUid sous form de login uniquement
if ($conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS === 'memberUid'){
$userKey = array($userdn);
} else { // Pour les autres schémas, les membres sont listés sous forme de DN complets
$userFilter = explode(',', $userdn);
$userKey = $ldap->getAttributeValues('('.$userFilter[0].')', $conf->global->LDAP_KEY_USERS);
}
if(!is_array($userKey)) continue;
$fuser = new User($db);