X-Git-Url: http://git.pjr.cc/?p=ga4php.git;a=blobdiff_plain;f=gaas%2Flib%2FglobalLib.php;fp=gaas%2Flib%2FglobalLib.php;h=b6289560fda78ac5c2309833aeb907c4d3e6a836;hp=51854875d88990d149828a766bb3c3e2e72d3f69;hb=17d7c1e759c50b2fe796306f5ca3f46e064cadaa;hpb=e90887f0fd673f152c95fb9965707d9f0aa07497

diff --git a/gaas/lib/globalLib.php b/gaas/lib/globalLib.php
index 5185487..b628956 100644
--- a/gaas/lib/globalLib.php
+++ b/gaas/lib/globalLib.php
@@ -17,6 +17,7 @@ define("MSG_INIT_SERVER", 19);
 define("MSG_SET_AD_LOGIN", 20);
 define("MSG_SET_CLIENT_GROUP", 21);
 define("MSG_SET_ADMIN_GROUP", 22);
+define("MSG_PROVISION_USER",23);
 
 
 // the gaasd call's $MESSAGE[<MSG>]_server() for the server side
@@ -26,6 +27,7 @@ $MESSAGES[MSG_INIT_SERVER] = "gaasInitServer";
 $MESSAGES[MSG_SET_AD_LOGIN] = "gaasSetADLogin";
 $MESSAGES[MSG_SET_CLIENT_GROUP] = "gaasSetClientGroup";
 $MESSAGES[MSG_SET_ADMIN_GROUP] = "gaasSetAdminGroup";
+$MESSAGES[MSG_PROVISION_USER] = "gaasProvisionUser";
 global $MESSAGES;
 
 
@@ -98,6 +100,56 @@ function getADGroups($domain, $user, $password)
 	return $info;
 }
 
+function userInGroup($user, $domain, $adlogin, $adpass, $group)
+{
+	$addom = $domain;
+	$usertocheck = $user;
+	
+	$servers = dns_get_record("_gc._tcp.$addom");
+	if(count($servers)<1) {
+		echo "AD servers cant be found, fail!\n";
+	}
+	
+	
+	// we should check all servers, but lets just go with 0 for now
+	$cnt = ldap_connect($servers[0]["target"], $servers[0]["port"]);
+	$bind = ldap_bind($cnt, "$adlogin@$addom", "$adpass");
+	if($bind) {
+	} else {
+		echo "Bind Failed\n";
+		return false;
+	}
+	
+	$ars = explode(".", $addom);
+	
+	$tcn = "";
+	foreach($ars as $val) {
+		$tcn .= "DC=$val,";
+	}
+	
+	$basecn = preg_replace("/,$/", "", $tcn);
+	
+	// first, find the dn for our user
+	$sr = ldap_search($cnt, "$basecn", "(&(objectclass=user)(samaccountname=$usertocheck))");
+	$info = ldap_get_entries($cnt, $sr);
+	//print_r($info);
+	$usercn=$info[0]["dn"];
+	
+	
+	//exit(0);
+	
+	$basecn = preg_replace("/,$/", "", $tcn);
+	$sr = ldap_search($cnt, "$basecn", "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=$usercn))");
+	$fil = "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:=$usercn))";
+	$info = ldap_get_entries($cnt, $sr);
+	foreach($info as $kpot => $lpot) {
+		if(isset($lpot["samaccountname"])) {
+			if($lpot["cn"][0] == $group) return true;
+		}
+	}
+	return false;
+}
+
 function generateRandomString($len)
 {
 	$str = "";