id); } else { // email check failed or is disabled - register new FUDforum user. $uent = new fud_user_reg; $uent->users_opt = -1; $uent->login = $login; $uent->plaintext_passwd = $password; $uent->email = $login .'@'. $ini['LDAP_HOST']; $uent->add_user(); } } $usr_d = db_sab('SELECT id, passwd, salt FROM '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users WHERE login='. _esc($login)); if ( !((empty($usr_d->salt) && $usr_d->passwd == md5($password)) || $usr_d->passwd == sha1($usr_d->salt . sha1($password)))) { // Sync password $salt = substr(md5(uniqid(mt_rand(), true)), 0, 9); $sec_pass = sha1($salt . sha1($password)); q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET passwd='. _esc($sec_pass) .', salt='. _esc($salt) .' WHERE id='. $usr_d->id); } // Sync user details, if enabled if (!empty($ini['LDAP_EMAIL'])) { q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET email='. _esc($info[0][ $ini['LDAP_EMAIL'] ][0]) .' WHERE login='. _esc($login)); } if (!empty($ini['LDAP_NAME'])) { q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET name='. _esc($info[0][ $ini['LDAP_NAME'] ][0]) .' WHERE login='. _esc($login)); } if (!empty($ini['LDAP_ALIAS'])) { q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($info[0][ $ini['LDAP_ALIAS'] ][0]) .' WHERE login='. _esc($login)); } return 1; // Allow access. } else { return 0; // Deny access. } ldap_close($connection); } function ldap_info() { return array('name' => 'LDAP Authentication', 'desc' => 'Authenticate forum users from an LDAP server. You probably want to disable "Allow Registration" and "Allow Password Resets" from the Global Settings Manager after enabling this plugin.
', 'cat' => 'Authentication', 'version' => '1.3-modified'); } function ldap_enable() { if (!extension_loaded('ldap')) { return array(null, 'You PHP installation doesn\'t support LDAP.'); // OK, Err. } return; // Good to go. } function ldap_config() { if((@include $GLOBALS['PLUGIN_PATH'] .'ldap/ldap.ini') === false) { $ini = NULL; } if (isset($_POST['Set'])) { foreach (array_keys($_POST) as $key) { if (substr($key,0,5) == 'LDAP_') { $ini[$key] = $_POST[$key]; } } // Array key from ldap_get_entries() must be lowercase. $ini['LDAP_UID'] = strtolower($ini['LDAP_UID']); $fp = fopen($GLOBALS['PLUGIN_PATH'] .'ldap/ldap.ini', 'w'); fwrite($fp, ''); fclose($fp); pf(successify('Settings successfully saved.')); } ?>

LDAP server URL:

(use ldap://<servername>:<port>/  for normal LDAP, or ldaps://<servername>:<port>/  for LDAP over SSL)

Enable TLS (Transport Layer Security) mode:

(do not enable this if using LDAP over SSL)

Is the LDAP server case insensitive (like Active Directory):

Proxy user (if required to bind via proxy):

Proxy password (if required to bind via proxy):

Look for usernames in namespace:

Property to query:

LDAP Attribute for forum user alias:

(leave blank if not required)

LDAP Attribute for forum user real name:

(leave blank if not required)

LDAP Attribute for forum user email address:

(leave blank to use <login>@<ldap-server-name>  as forum user email address)

Check for existing user with this email address: