I just wanted to share this code that I use to validate my Samba Ldap Users:
Our user must be created in nuBuilder database and the password will be stored in a samba ldap directory.
We have to edit formlogin.php
Code: Select all
// Change this query
$s = "SELECT zzsys_user_id AS ID, sal_name AS AccessLevel, sug_group_name as UserGroupName FROM zzsys_user ";
$s .= "INNER JOIN zzsys_user_group ON sus_zzsys_user_group_id = zzsys_user_group_id ";
$s .= "INNER JOIN zzsys_access_level ON sug_zzsys_access_level_id = zzsys_access_level_id ";
$s .= "WHERE sus_login_name = '$user'"; //Only cheque if the user exists
$t = nuRunQuery($s);
$r = db_fetch_object($t);
// the globeadmin username should not exist in the zzsys_user table
if($r->ID!='' && $user=='globeadmin'){
return $stoplogin;
}
//user name and password failed
if($r->ID=='' || !validate_ldap($user, $pass)){ //check the password with the validate_ldap function
return $stoplogin;
}
//validate_ldap
function validate_ldap($user, $pass) {
$ldapconfig['host'] = 'host ip';
$ldapconfig['port'] = 389;
$ldapconfig['basedn'] = 'dc=some,dc=com';
$ds=@ldap_connect($ldapconfig['host'],$ldapconfig['port']);
$r = @ldap_search( $ds, $ldapconfig['basedn'], 'uid=' . $user);
if ($r) {
$result = @ldap_get_entries( $ds, $r);
if ($result[0]) {
if (@ldap_bind( $ds, $result[0]['dn'], $pass) ) {
return true;
}
}
}
return false;
}
regards
Pablo.