Hi There,
Thanks beforehand for any help on this.
I have successfully implemented the Idbroker plugin for 389 Directory
Server LDAP authentication and SQL mirroring, and I can also add users to
LDAP via my project. I currently have an issue when trying to add LDAP users
to pre-existing LDAP groups:
I have written the following component to gather the data to save. The
'$this->getModel($this->ldapGroupModel)' calls and initiates the Ldap Group
Model:
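/**
 * Build the field array used to add a user to an existing LDAP group.
 *
 * Looks the group up through the LDAP group model, matching $groupName
 * against the model's primary key, then returns the user's DN under
 * 'uniquemember' and the group's DN under 'cn'.
 *
 * @param string|null $groupName Value matched against the group model's primary key.
 * @param array|null  $user      User record; only its 'dn' key is read.
 * @return array|null Collected fields (possibly empty), or null when $groupName is null.
 */
public function modLdapGroup($groupName, $user = null) {
    if (is_null($groupName)) {
        return null;
    }

    // Resolve the model once instead of once per use.
    $groupModel = $this->getModel($this->ldapGroupModel);

    // NOTE(review): the search filter is assembled by plain string
    // concatenation, so $groupName reaches the directory unescaped. If the
    // value can ever contain filter metacharacters (*, (, ), \), escape it
    // for filter context first (e.g. ldap_escape() with LDAP_ESCAPE_FILTER
    // on PHP >= 5.6) or restrict it to a known-safe character set.
    $filter = $groupModel->primaryKey . "=" . $groupName;
    $ldapGroup = $groupModel->find('first', array('conditions' => $filter));

    // Start from an empty array so the return value is defined even when
    // neither the user DN nor the group DN is available; the original
    // returned an undefined variable in that case.
    $data = array();

    if (!empty($user['dn'])) {
        $data['uniquemember'] = $user['dn'];
    }
    if (!empty($ldapGroup['LdapGroup']['dn'])) {
        $data['cn'] = $ldapGroup['LdapGroup']['dn'];
    }

    return $data;
}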
// debug($ldapGroup)
array(
'LdapGroup' => array(
'nsuniqueid' => '84e39381-bf6311e1-86738c03-1d2eb6a1',
'description' => 'yadayada',
'objectclass' => array(
(int) 0 => 'top',
(int) 1 => 'groupofuniquenames'
),
'cn' => 'yadayada',
'creatorsname' => 'cn=directory manager',
'modifiersname' => 'cn=directory manager',
'createtimestamp' => '20120626075046Z',
'modifytimestamp' => '20120626075046Z',
'parentid' => '3',
'entryid' => '176',
'entrydn' => 'cn=yadayada,ou=groups,dc=skypc,dc=local',
'hassubordinates' => 'FALSE',
'numsubordinates' => '0',
'subschemasubentry' => 'cn=schema',
'dn' => 'cn=yadayada,ou=Groups,dc=skypc,dc=local'
),
(int) 0 => array(
'count' => (int) 1
)
)
// debug($data)
array(
'uniquemember' => 'uid=cbrandt152,dc=skypc,dc=local',
'cn' => 'cn=yadayada,ou=Groups,dc=skypc,dc=local'
)
//Ldap Group Model
<?php
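/**
 * Model for LDAP group entries, read through the LDAP datasource.
 *
 * The datasource name and the primary key default to 'ldap' and 'cn' and
 * can be overridden with the LDAP.Db.Config and LDAP.Group.Identifier
 * configuration keys.
 */
class LdapGroup extends AppModel {
    // Datasource configuration name; replaced in the constructor when LDAP.Db.Config is set.
    public $useDbConfig = 'ldap';

    // Attribute used as the primary key; replaced when LDAP.Group.Identifier is set.
    public $primaryKey = 'cn';

    public $useTable = 'ou=Groups';

    // The D modifier (PCRE_DOLLAR_ENDONLY) stops `$` from matching before a
    // trailing newline, so a value such as "abc\n" no longer passes.
    public $validate = array(
        // NOTE(review): this rule is attached to 'dn', but a DN normally
        // contains '=' and ',' and the message speaks of group names;
        // confirm which field the rule is meant to guard.
        'dn' => array(
            'rule' => array('custom', '/^[a-zA-Z0-9]*$/D'),
            'required' => true,
            'on' => 'create',
            'message' => 'Group names must be alpha numeric.'
        ),
        'gidnumber' => array(
            'rule' => array('custom', '/^[0-9]*$/D'),
            'required' => true,
            'on' => 'create',
            'message' => 'Group ID number must be numeric.'
        ),
    );

    /**
     * Apply the configured primary key and datasource, then initialise the model.
     *
     * The parameters mirror CakePHP's Model::__construct() and are passed
     * through, so code that constructs the model with an id, table or
     * datasource (ClassRegistry::init() included) is no longer ignored.
     *
     * @param mixed       $id    Record id or settings array, forwarded to the parent.
     * @param string|null $table Table name, forwarded to the parent.
     * @param string|null $ds    Datasource name, forwarded to the parent.
     */
    public function __construct($id = false, $table = null, $ds = null) {
        $primaryKey = Configure::read('LDAP.Group.Identifier');
        $useDbConfig = Configure::read('LDAP.Db.Config');

        // Fall back to the defaults when the configuration keys are unset or empty.
        $this->primaryKey = empty($primaryKey) ? 'cn' : $primaryKey;
        $this->useDbConfig = empty($useDbConfig) ? 'ldap' : $useDbConfig;

        parent::__construct($id, $table, $ds);
    }
}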
?>
// When the user subscribes, add them to the matching LDAP group:
// collect the group DN and the user's DN, then save the change to the group.
$groupFields = $this->Component->modLdapGroup(
    $app['Application']['system_name'],
    $this->Auth->user()
);
$this->loadModel('LdapGroup');

// NOTE(review): $groupFields carries the group's full DN under the 'cn' key;
// confirm which key the LDAP datasource uses to identify the entry to modify.
$saved = $this->LdapGroup->save($groupFields);
$this->Session->setFlash($saved ? 'User saved to group' : 'User NOT saved to group');
// The code successfully queries LDAP but does not MOD the Ldap group
[27/Jun/2012:11:58:07 +0200] conn=35 op=2 RESULT err=0 tag=101 nentries=1
etime=0
[27/Jun/2012:11:58:07 +0200] conn=35 op=3 SRCH base="cn=schema" scope=0
filter="(objectClass=subschema)" attrs="objectClasses attributeTypes"
[27/Jun/2012:11:58:07 +0200] conn=35 op=3 RESULT err=0 tag=101 nentries=1
etime=0
[27/Jun/2012:11:58:08 +0200] conn=35 op=4 SRCH
base="cn=yadayada,ou=Groups,dc=skypc,dc=local" scope=0
filter="(objectClass=*)" attrs="* accountUnlockTime aci copiedFrom
copyingFrom createTimestamp creatorsName dncomp entrydn entryid
hasSubordinates ldapSchemas ldapSyntaxes modifiersName modifyTimestamp
nsAccountLock nsaimstatusgraphic nsaimstatustext nsBackendSuffix
nscpEntryDN nsds5ReplConflict nsicqstatusgraphic nsicqstatustext
nsIdleTimeout nsLookThroughLimit nsRole nsRoleDN nsSchemaCSN nsSizeLimit
nsTimeLimit nsUniqueId nsyimstatusgraphic nsyimstatustext numSubordinates
parentid passwordAllowChangeTime passwordExpirationTime passwordExpWarned
passwordGraceUserTime passwordHistory passwordRetryCount passwordExpWarned
passwordGraceUserTime passwordHistory pwdpolicysubentry retryCountResetTime
subschemaSubentry aci"
[27/Jun/2012:11:58:08 +0200] conn=35 op=4 RESULT err=0 tag=101 nentries=1
etime=0
[27/Jun/2012:11:58:08 +0200] conn=35 op=5 UNBIND
[27/Jun/2012:11:58:08 +0200] conn=35 op=5 fd=68 closed - U1
Thanks for any help on this. I am stumped :)
Craig