Browse Source

Allow to change the LDAP rdn attribute

Lukas 4 years ago
parent
commit
48d58fbf95

+ 1 - 1
app/Controllers/Auth/AuthController.php

@@ -52,7 +52,7 @@ abstract class AuthController extends Controller
      */
     protected function getLdapRdn(string $username)
     {
-        $bindString = 'uid='.addslashes($username);
+        $bindString = ($this->config['ldap']['rdn_attribute'] ?? 'uid=').addslashes($username);
         if ($this->config['ldap']['user_domain'] !== null) {
             $bindString .= ','.$this->config['ldap']['user_domain'];
         }

+ 1 - 1
app/Controllers/Auth/LoginController.php

@@ -129,7 +129,7 @@ class LoginController extends AuthController
         if (!$dbUser) {
             $email = $username;
             if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
-                $search = ldap_search($server, $this->config['ldap']['base_domain'], 'uid='.addslashes($username), ['mail']);
+                $search = ldap_search($server, $this->config['ldap']['base_domain'], ($this->config['ldap']['rdn_attribute'] ?? 'uid=').addslashes($username), ['mail']);
                 $entry = ldap_first_entry($server, $search);
                 $email = @ldap_get_values($server, $entry, 'mail')[0] ?? platform_mail($username.rand(0, 100)); // if the mail is not set, generate a placeholder
             }

+ 1 - 0
docs/configuration.md

@@ -55,6 +55,7 @@ return array(
         'port' => 389, // ldap port
         'base_domain' => 'dc=example,dc=com', // the base_dn string
         'user_domain' => 'ou=Users', // the user dn string
+        'rdn_attribute' => 'uid=', // the attribute to identify the user
     )
 );
 ```