
function _ldaphelp_testldap in LDAP integration 6

Test if the ldap settings for the specified server id work.

Parameters

array $ldap: DEPRECATED - not used.

int $sid: Server config id.

1 call to _ldaphelp_testldap()
ldaphelp_status in ldaphelp/ldaphelp_status.inc

File

ldaphelp/ldaphelp_status.inc, line 385
status file for ldaphelp module

Code

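/**
 * Test whether the LDAP settings for the specified server id work.
 *
 * Binds with the configured binddn/bindpw when both are set (anonymously
 * otherwise) and, if the bind succeeds, probes every configured base DN for
 * user entries.
 *
 * @param array $ldap
 *   DEPRECATED - not used.
 * @param int $sid
 *   Server config id.
 *
 * @return array
 *   Test results keyed by 'bind_type', 'bind_result', 'bind_result_text' and
 *   'bind_success'; on a failed bind also 'bind_result_error' and
 *   'bind_result_errno'; on a successful bind also 'basedns', one entry per
 *   base DN. Each entry's ['result']['sample0'] is a raw directory entry as
 *   returned by the search (or NULL when nothing matched), so callers should
 *   escape it before output.
 */
function _ldaphelp_testldap($ldap, $sid) {
  global $_ldapauth_ldap;

  $test = array();

  // Initialize LDAP.
  _ldapauth_init($sid);

  $bind_dn = $_ldapauth_ldap->getOption('binddn');
  $bind_pw = $_ldapauth_ldap->getOption('bindpw');

  // Only attempt a credentialed bind when BOTH values are present. A simple
  // bind with a DN but an empty password is an "unauthenticated bind"
  // (RFC 4513, section 5.1.2) that many servers accept with anonymous rights,
  // so it must not be reported as "non-anon".
  if ($bind_dn && $bind_pw) {
    $test['bind_result'] = $_ldapauth_ldap->connectAndBind($bind_dn, $bind_pw);
    $test['bind_type'] = "non-anon";
  }
  else {
    $test['bind_result'] = $_ldapauth_ldap->connectAndBind();
    $test['bind_type'] = "anon";
  }

  if (!$test['bind_result']) {
    $test['bind_result_error'] = ldap_error($_ldapauth_ldap->connection);
    $test['bind_result_errno'] = ldap_errno($_ldapauth_ldap->connection);
    $test['bind_result_text'] = "Fail";
    $test['bind_success'] = FALSE;
    // Without a bound connection the base DN probes below cannot run.
    return $test;
  }

  $test['bind_result_text'] = "Success";
  $test['bind_success'] = TRUE;

  // The user attribute is the same for every base DN, so resolve it once.
  $user_attr = $_ldapauth_ldap->getOption('user_attr');
  if (!$user_attr) {
    $user_attr = LDAPAUTH_DEFAULT_USER_ATTR;
  }

  foreach (explode("\r\n", $_ldapauth_ldap->getOption('basedn')) as $base_dn) {
    $basedn_data = array();

    // Test that base_dn exists.
    $results = $_ldapauth_ldap->retrieveAttributes($base_dn, array());
    if (empty($results)) {
      $basedn_data['result']['base_dn_error'] = 'DN does not exist.';
    }

    // Look for users.
    // NOTE(review): the trailing 0, 1, 1 are presumably attrsonly, sizelimit
    // and timelimit - confirm against the search() wrapper.
    $result = $_ldapauth_ldap->search($base_dn, "{$user_attr}=*", array(
      $user_attr,
    ), 0, 1, 1);
    // Read the error text immediately, before another LDAP call replaces it.
    $basedn_data['result']['error'] = ldap_error($_ldapauth_ldap->connection);

    // A search that fails or matches nothing may not return an array with
    // 'count' and index 0; guard both reads instead of raising notices.
    $has_result = is_array($result);
    $count = ($has_result && isset($result['count'])) ? $result['count'] : 0;

    $basedn_data['basedn'] = $base_dn;
    $basedn_data['result']['count'] = $count;
    $basedn_data['result']['sample0'] = ($has_result && isset($result[0])) ? $result[0] : NULL;
    $basedn_data['result']['dnufn'] = ldap_dn2ufn($base_dn);

    if ($count) {
      $basedn_data['result']['with_user_attr_success'] = TRUE;
    }
    else {
      $basedn_data['result']['with_user_attr_success'] = FALSE;

      // Try searching for any object: if this finds entries, the base DN is
      // usable and the configured user attribute name is the likely problem.
      $result = $_ldapauth_ldap->search($base_dn, "CN=*", array(
        $user_attr,
      ), 0, 1, 1);
      $basedn_data['result']['no_user_attr_success'] = (is_array($result) && !empty($result['count']));
    }

    $test['basedns'][] = $basedn_data;
  }

  return $test;
}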