feat: use a service account to permit read only checks like for auth
This commit is contained in:
Morph01
@@ -5,7 +5,7 @@ function listAllOU()
|
||||
session_start();
|
||||
}
|
||||
|
||||
if (!isset($_SESSION['user_pseudo'])) {
|
||||
if (!isset($_SESSION['sAMAccountName'])) {
|
||||
die("Nom utilisateur manquant. Veuillez vous reconnecter.");
|
||||
}
|
||||
|
||||
@@ -15,7 +15,7 @@ function listAllOU()
|
||||
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
$ldap_user = "CN=" . $_SESSION['user_pseudo'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
$ldap_user = "CN=" . $_SESSION['sAMAccountName'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
|
||||
if (!@ldap_bind($ldapconn, $ldap_user, $_SESSION['password'])) {
|
||||
die("Could not bind to LDAP server: " . ldap_error($ldapconn));
|
||||
@@ -57,7 +57,7 @@ function listAllUsers()
|
||||
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
$ldap_user = "CN=" . $_SESSION['user_pseudo'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
$ldap_user = "CN=" . $_SESSION['sAMAccountName'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
|
||||
if (!@ldap_bind($ldapconn, $ldap_user, $_SESSION['password'])) {
|
||||
die("Could not bind to LDAP server: " . ldap_error($ldapconn));
|
||||
@@ -90,3 +90,47 @@ function listAllUsers()
|
||||
ldap_close($ldapconn);
|
||||
return $users; // Retourner le tableau des utilisateurs
|
||||
}
|
||||
|
||||
function getUserOU($username)
|
||||
{
|
||||
if (session_status() == PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
$ldapServer = "ldap://intranet.epul3a.local";
|
||||
$ldapUser = "CN=" . $_SESSION['sAMAccountName'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
$ldapPassword = $_SESSION['password'];
|
||||
|
||||
$ldapconn = ldap_connect($ldapServer) or die("Could not connect to LDAP server.");
|
||||
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
if (!@ldap_bind($ldapconn, $ldapUser, $ldapPassword)) {
|
||||
die("Could not bind to LDAP server: " . ldap_error($ldapconn));
|
||||
}
|
||||
|
||||
$searchBase = "DC=epul3a,DC=local";
|
||||
$filter = "(sAMAccountName=$username)";
|
||||
$attributes = ["distinguishedName"];
|
||||
|
||||
$result = @ldap_search($ldapconn, $searchBase, $filter, $attributes);
|
||||
|
||||
if ($result) {
|
||||
$entries = ldap_get_entries($ldapconn, $result);
|
||||
if ($entries['count'] > 0) {
|
||||
$dn = $entries[0]['distinguishedname'][0];
|
||||
|
||||
// Extraire l'OU du DN
|
||||
preg_match('/OU=([^,]+)/', $dn, $matches);
|
||||
$ou = isset($matches[1]) ? $matches[1] : null;
|
||||
|
||||
ldap_close($ldapconn);
|
||||
return $ou;
|
||||
}
|
||||
} else {
|
||||
echo "Error: " . ldap_error($ldapconn);
|
||||
}
|
||||
|
||||
ldap_close($ldapconn);
|
||||
return null;
|
||||
}
|
||||
Reference in New Issue
Block a user