diff options
author | Raphael Michel <mail@raphaelmichel.de> | 2018-07-22 11:50:02 +0200 |
---|---|---|
committer | Raphael Michel <mail@raphaelmichel.de> | 2018-07-23 09:10:53 +0200 |
commit | f494eee4a3f9b0eb09f6f9d46fb2e6be40a116e6 (patch) | |
tree | 9e9de7722640e394062eabb5881adff29502c6bf /application | |
parent | fdc375e9c503e9cb7bdb4754ad5cc9edc64e0220 (diff) |
LDAP: Allow optional binding/authentication
Diffstat (limited to 'application')
-rw-r--r-- | application/config/config.php | 5 | ||||
-rw-r--r-- | application/libraries/Duser/drivers/Duser_ldap.php | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/application/config/config.php b/application/config/config.php index 4f4e868f0..03f3cb74b 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -596,7 +596,10 @@ if (extension_loaded("ldap")) { ), // Please note that php-ldap converts attributes to lowercase "userid_field" => "uidnumber", // This has to be a unique integer - "username_field" => "uid" // This is the value the user supplies on the login form + "username_field" => "uid", // This is the value the user supplies on the login form + // Optional parameters + // "bind_rdn" => "uid=search-user,cn=users,dc=example,dc=com", // This is the user used to authenticate for searches + // "bind_password" => "***", // This is the password for the search user ); } diff --git a/application/libraries/Duser/drivers/Duser_ldap.php b/application/libraries/Duser/drivers/Duser_ldap.php index b80385fe0..f30257364 100644 --- a/application/libraries/Duser/drivers/Duser_ldap.php +++ b/application/libraries/Duser/drivers/Duser_ldap.php @@ -26,6 +26,10 @@ class Duser_ldap extends Duser_Driver { return false; } + if (isset($config['bind_rdn']) && isset($config['bind_password'])) { + ldap_bind($ds, $config['bind_rdn'], $config['bind_password']); + } + switch ($config["scope"]) { case "base": $r = ldap_read($ds, $config['basedn'], $config["username_field"].'='.$username); |