function ldaphelp_get_ldap_server in LDAP integration 6
Use the LDAP server info to create the status array for theme_status_report
Parameters
Array $info:
int $sid The server definition id:
Array $ldap Array of server configuration info:
Array $test Results of the _ldaphelp_testldap function:
String $edit_ldap The link to edit this configuration.:
1 call to ldaphelp_get_ldap_server()
- ldaphelp_status in ldaphelp/
ldaphelp_status.inc
File
- ldaphelp/
ldaphelp_status.inc, line 227 - status file for ldaphelp module
Code
function ldaphelp_get_ldap_server(&$info, $sid, &$ldap, &$test, $edit_ldap) {
$description = "server: " . $ldap['server'] . "<br/>port: " . $ldap['port'] . "<br/>tls: " . $ldap['tls'] . "<br/>encrypted: " . $ldap['encrypted'];
$status[] = array(
'title' => 'Server Settings ' . $edit_ldap,
'value' => $description,
'severity' => "0",
);
// login procedure
$description = "user_attr:<code> " . $ldap['user_attr'] . "</code><br/>mail_attr: <code>" . $ldap['mail_attr'] . "</code>";
$status[] = array(
'title' => 'Login Procedure ' . $edit_ldap,
'value' => $description,
'severity' => "0",
);
// advanced configuration
$description = "binddn: <code>" . $ldap['binddn'] . "</code><br/>bindpw: " . $ldap['bindpw'];
$status[] = array(
'title' => 'Advanced Configuration ' . $edit_ldap,
'value' => $description,
'severity' => "0",
);
// bind test
$description = "Bind Type: " . $test['bind_type'] . "<br/>Bind Result?: " . $test['bind_result_text'];
if (!$test['bind_success']) {
$description .= ldaphelp_arraytohtml(array(
'LDAP Error' => $test['bind_result_error'],
'LDAP Error Number' => $test['bind_result_errno'],
));
// 49: invalid credentials.
if ($test['bind_result_errno'] === 49) {
$suggestions = "<ul>";
if ($test['bind_type'] == 'anon') {
$suggestions .= "<li>This LDAP server does not appear to allow anonymous connections. You will need to supply a dn and password in the advanced settings that can search the LDAP server.</li>";
}
else {
$suggestions .= "<li>The dn and/or password supplied in the advanced configuration section does not seem to be valid for this server.</li>";
}
$suggestions .= "</ul>";
$description .= ldaphelp_arraytohtml(array(
'Suggestions' => $suggestions,
));
}
}
$severity = $test['bind_success'] === TRUE ? "0" : "2";
$status[] = array(
'title' => 'Server Bind Test',
'value' => $description,
'severity' => $severity,
);
if ($test['bind_success'] === TRUE) {
foreach ($test['basedns'] as $basedn) {
if (isset($basedn['result']['base_dn_error'])) {
$usersfound = FALSE;
$usersfoundtext = "No";
$validbasedn = $basedn['basedn'];
$severity = 2;
$error = array(
'mal_formed_dn' => "<br/>This Base DN is incorrect: <br/><code>" . $basedn['basedn'] . "</code><br/>Test error was: " . $basedn['result']['base_dn_error'],
);
$suggestions = "<br/>Suggestions: <ul>";
$suggestions .= "<li>Make sure this DN does exists on the server.</li>";
$suggestions .= "<li>Verify the spelling and capitalization of the DN</li>";
$suggestions .= "<li>Make sure there are no extra spaces in the DN, e.g. after commas</li>";
$suggestions .= "</ul>";
$error['mal_formed_dn'] .= $suggestions;
}
elseif (isset($basedn['result']['count'])) {
$usersfound = TRUE;
$usersfoundtext = "Yes";
$severity = 0;
$error = '';
}
else {
$usersfound = FALSE;
$usersfoundtext = "No";
$validbasedn = $basedn['basedn'];
$severity = 2;
$error = array();
$result = ldaphelp_baddn($basedn['basedn'], 'Base DN');
if (!$result['boolean']) {
$error['mal_formed_dn'] = $result['text'];
}
$error['bind_success_search_failed'] = "<br/>Successfully bound to server <code>" . $ldap['server'] . "</code>, but found" . " no users in generic search (" . $ldap['user_attr'] . "=*) Suggestions: <ul>";
if ($basedn['result']['no_user_attr_success'] && !$data['result']['with_user_attr_success']) {
$error['bind_success_search_failed'] .= "<li> User attribute name <code>" . $ldap['user_attr'] . " </code> may be wrong. Found LDAP entries with search filter <code>CN=*</code>, " . " but not with search filter <code>" . $ldap['user_attr'] . "=*</code>.</li>";
}
// no results in either search and anonymous search
// you are not allowed to perform an anonymous search of your ldap
// or you meant to perform a non-anonymouse search but left the password empty.
if ($tests['bind_type'] == 'anon') {
$error['bind_success_search_failed'] .= "<li>Anonymous searches of your LDAP or the Base DN <code>" . $basedn['basedn'] . " </code> may not be allowed. Perhaps you need to create or use a service account to query the ldap.</li>";
}
else {
$error['bind_success_search_failed'] .= "<li>The DN and password supplied in the advanced settings area may not have the rights to search your LDAP server and/or the Base DN <code>" . $basedn['basedn'] . " </code>. Check with your LDAP administrator to see that this user can search all your Base DNs.</li>";
}
$error['bind_success_search_failed'] .= "<li>Perhaps Base DN is incorrect: <code>" . $basedn['basedn'] . "</code></li>";
$error['bind_success_search_failed'] .= "<li>Perhaps this Base DN does not have any entries and/or users defined under it.</li>";
$error['bind_success_search_failed'] .= "</ul>";
}
$header = 'Base DN:<br/><code>' . $basedn['basedn'] . '</code>';
$value = "<br/>Found Users in search of base DN?: <strong>" . $usersfoundtext . "</strong>" . $error['bind_success_search_failed'] . $error['mal_formed_dn'];
$status[] = array(
'title' => $header . ' ' . $edit_ldap,
'value' => $value,
'severity' => $severity,
);
}
}
return $status;
}