3 // the global lib sets alot of global variables, its fairly unexciting
4 $BASE_DIR = realpath(dirname(__FILE__)."/../../");
7 // the tcp port number we use for comms
8 $TCP_PORT_NUMBER = 21256;
9 global $TCP_PORT_NUMBER;
14 // the messages structure, used to extend gaas if needed
15 define("MSG_STATUS", 18);
16 define("MSG_INIT_SERVER", 19);
17 define("MSG_SET_AD_LOGIN", 20);
18 define("MSG_SET_CLIENT_GROUP", 21);
19 define("MSG_SET_ADMIN_GROUP", 22);
20 define("MSG_PROVISION_USER",23);
21 define("MSG_GET_USERS", 24);
22 define("MSG_DELETE_USER", 25);
23 define("MSG_ASSIGN_TOKEN",26);
24 define("MSG_ADD_HARDWARE",27);
25 define("MSG_GET_HARDWARE",28);
27 // the gaasd call's $MESSAGE[<MSG>]_server() for the server side
28 // and $MESSAGE[<msg>]_client() for the client side
29 $MESSAGES[MSG_STATUS] = "gaasStatus";
30 $MESSAGES[MSG_INIT_SERVER] = "gaasInitServer";
31 $MESSAGES[MSG_SET_AD_LOGIN] = "gaasSetADLogin"; // domain, user, password
32 $MESSAGES[MSG_SET_CLIENT_GROUP] = "gaasSetClientGroup"; // groupname
33 $MESSAGES[MSG_SET_ADMIN_GROUP] = "gaasSetAdminGroup";
34 $MESSAGES[MSG_PROVISION_USER] = "gaasProvisionUser"; // username, tokentype, tokenkey, hardware|software
35 $MESSAGES[MSG_GET_USERS] = "gaasGetUsers"; // [admin|client], [name pattern], [only with tokens]
36 $MESSAGES[MSG_DELETE_USER] = "gaasDeleteUser"; // username
37 $MESSAGES[MSG_ASSIGN_TOKEN] = "gaasAssignToken"; // username, tokenid
38 $MESSAGES[MSG_ADD_HARDWARE] = "gaasAddHardwareToken"; // username, tokenid
39 $MESSAGES[MSG_GET_HARDWARE] = "gaasGetHardwareTokens"; //
49 function adTestLogin($domain, $user, $password)
51 $servers = dns_get_record("_gc._tcp.$domain");
52 if(count($servers)<1) {
53 echo "AD servers cant be found for $domain, fail!\n";
56 echo count($servers)." AD servers returned, using ".$servers[0]["target"]."\n";
58 // we should check all servers, but lets just go with 0 for now
59 $cnt = ldap_connect($servers[0]["target"], $servers[0]["port"]);
61 $bind = ldap_bind($cnt, "$user@$domain", "$password");
63 echo "login has succeeded\n";
66 echo "login has failed\n";
71 function getADGroups($domain, $user, $password)
73 $servers = dns_get_record("_gc._tcp.$domain");
74 if(count($servers)<1) {
75 echo "AD servers cant be found for $domain, fail!\n";
78 echo count($servers)." AD servers returned, using ".$servers[0]["target"]."\n";
80 // we should check all servers, but lets just go with 0 for now
81 $cnt = ldap_connect($servers[0]["target"], $servers[0]["port"]);
83 $bind = ldap_bind($cnt, "$user@$domain", "$password");
85 echo "login has failed\n";
89 $ars = explode(".", $addom);
92 foreach($ars as $val) {
96 $basecn = preg_replace("/,$/", "", $tcn);
98 $sr = ldap_search($cnt, "$basecn", "(objectclass=group)");
99 $info = ldap_get_entries($cnt, $sr);
101 if($info["count"] < 1) {
102 echo "Couldn't find a matching group\n";
105 echo "Found a group, ".$info[0]["cn"][0]."\n";
106 echo "With a description of, ".$info[0]["description"][0]."\n";
107 echo "and a dn of, ".$info[0]["dn"]."\n";
113 function userInGroup($user, $domain, $adlogin, $adpass, $group)
116 $usertocheck = $user;
118 $servers = dns_get_record("_gc._tcp.$addom");
119 if(count($servers)<1) {
120 echo "AD servers cant be found, fail!\n";
124 // we should check all servers, but lets just go with 0 for now
125 $cnt = ldap_connect($servers[0]["target"], $servers[0]["port"]);
126 $bind = ldap_bind($cnt, "$adlogin@$addom", "$adpass");
129 echo "Bind Failed\n";
133 $ars = explode(".", $addom);
136 foreach($ars as $val) {
140 $basecn = preg_replace("/,$/", "", $tcn);
142 // first, find the dn for our user
143 $sr = ldap_search($cnt, "$basecn", "(&(objectclass=user)(samaccountname=$usertocheck))");
144 $info = ldap_get_entries($cnt, $sr);
146 $usercn=$info[0]["dn"];
151 //echo "usercn: $usercn\n";
152 $basecn = preg_replace("/,$/", "", $tcn);
153 $sr = ldap_search($cnt, "$basecn", "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=$usercn))");
154 $fil = "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=$usercn))";
155 $info = ldap_get_entries($cnt, $sr);
156 foreach($info as $kpot => $lpot) {
157 if(isset($lpot["samaccountname"])) {
158 //echo "checking: ".$lpot["cn"][0]."\n";
159 if(strtolower($lpot["cn"][0]) == strtolower($group)) return true;
166 function getUsersInGroup($domain, $adlogin, $adpass, $group)
170 $servers = dns_get_record("_gc._tcp.$addom");
171 if(count($servers)<1) {
172 echo "AD servers cant be found, fail!\n";
176 // we should check all servers, but lets just go with 0 for now
177 $cnt = ldap_connect($servers[0]["target"], $servers[0]["port"]);
178 $bind = ldap_bind($cnt, "$adlogin@$addom", "$adpass");
181 echo "Bind Failed\n";
185 $ars = explode(".", $addom);
188 foreach($ars as $val) {
192 $basecn = preg_replace("/,$/", "", $tcn);
194 // first, find the dn for our user
195 $sr = ldap_search($cnt, "$basecn", "(&(objectCategory=group)(cn=$group))");
196 $info = ldap_get_entries($cnt, $sr);
198 $groupcn=$info[0]["dn"];
201 $basecn = preg_replace("/,$/", "", $tcn);
202 $sr = ldap_search($cnt, "$basecn", "(&(objectCategory=user)(memberof:1.2.840.113556.1.4.1941:=$groupcn))");
203 //$fil = "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=$usercn))";
204 $info = ldap_get_entries($cnt, $sr);
209 foreach($info as $kpot => $lpot) {
210 if(isset($lpot["samaccountname"])) {
211 $arbi[$lpot["samaccountname"][0]] = $lpot["name"][0];
218 function generateRandomString($len)
221 $strpos = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
223 for($i=0; $i<$len; $i++) {
224 $str .= $strpos[rand(0, strlen($strpos)-1)];
230 function generateHexString($len)
233 $strpos = "0123456789ABCDEF";
235 for($i=0; $i<$len; $i++) {
236 $str .= $strpos[rand(0, strlen($strpos)-1)];
projects / ga4php.git / blob