[sork] Re: Incorrect LDAP search in accounts module

John Dalbec jpdalbec at ysu.edu
Tue Feb 25 15:43:39 PST 2003 

Eric Rostetter wrote:
> I applied your patch to CVS HEAD and RELENG_2, and added the field to the
> configuration files...  Will make it into the next release...
> 

Here's a patch to find the home directory and login shell for LDAP 
accounts.  I think these attribute names are pretty standard.

--- accounts/lib/Driver/ldap.php.orig	Thu Feb 20 17:01:20 2003
+++ accounts/lib/Driver/ldap.php	Tue Feb 25 15:34:25 2003
@@ -46,7 +46,7 @@
      /**
       * Find the user's fullname
       *
-     * @param   $username     The user for which to change the password.
+     * @param   $username     The user whose full name to find.
       *
       * @return  mixed         User's Fullname (string) or false (error).
       */
@@ -80,6 +80,76 @@
          @ldap_close($this->_ds);

          return (empty($name) ? false : $name);
+    }
+
+    /**
+     * Find the user's home directory
+     *
+     * @param   $username     The user whose home directory to find.
+     *
+     * @return  mixed         User's Home (string) or false (error).
+     */
+    function getHome($username) {
+
+        // connect to the ldap server
+        $this->_ds = ldap_connect($this->_params['host'],
+                                  $this->_params['port']);
+        if (!$this->_ds) {
+           return PEAR::raiseError(_("Could not connect to ldap server"));
+        }
+
+        // bind as anonymous
+        $result = @ldap_bind($this->_ds);
+        if (!$result) {
+          return PEAR::raiseError(_("Could not bind to ldap server"));
+        }
+
+        // Get the home directory
+        $searchResult = ldap_search($this->_ds, $this->_params['basedn'],
+                        $this->_params['attr'] . '=' . $username);
+        $information = ldap_get_entries($this->_ds, $searchResult);
+        // FIXME: Need to check for errors here if nothing is returned 
above
+        $homedir = $information[0]['homedirectory'][0];
+
+        // disconnect from the ldap server
+        @ldap_close($this->_ds);
+
+        return (empty($homedir) ? false : $homedir);
+    }
+
+    /**
+     * Find the user's shell
+     *
+     * @param   $username     The user whose shell to find.
+     *
+     * @return  mixed         User's Shell (string) or false (error).
+     */
+    function getShell($username) {
+
+        // connect to the ldap server
+        $this->_ds = ldap_connect($this->_params['host'],
+                                  $this->_params['port']);
+        if (!$this->_ds) {
+           return PEAR::raiseError(_("Could not connect to ldap server"));
+        }
+
+        // bind as anonymous
+        $result = @ldap_bind($this->_ds);
+        if (!$result) {
+          return PEAR::raiseError(_("Could not bind to ldap server"));
+        }
+
+        // Get the shell
+        $searchResult = ldap_search($this->_ds, $this->_params['basedn'],
+                        $this->_params['attr'] . '=' . $username);
+        $information = ldap_get_entries($this->_ds, $searchResult);
+        // FIXME: Need to check for errors here if nothing is returned 
above
+        $shell = $information[0]['loginshell'][0];
+
+        // disconnect from the ldap server
+        @ldap_close($this->_ds);
+
+        return (empty($shell) ? false : $shell);
      }

  }

More information about the sork mailing list