LDAP protocol/host/port configuration by URL; make BASE_DN optional

PHP ldap_connect($host, $port) function signature is deprecated: https://www.php.net/manual/en/function.ldap-connect.php Querying an AD Global Catalog across an entire forest requires an empty base DN
2021-02-04 03:49:50 +01:00
parent 08bc8975d8
commit d382e2e4be
4 changed files with 9 additions and 19 deletions
--- a/app/Core/Ldap/Client.php
+++ b/app/Core/Ldap/Client.php
@@ -70,8 +70,8 @@ class Client
     *
     * @access public
     *
-     * @param  string $server LDAP server hostname or IP
-     * @param  int    $port   LDAP port
+     * @param  string $server LDAP server URI (ldap[s]://hostname:port) or hostname (deprecated) 
+     * @param  int    $port   LDAP port (deprecated)
     * @param  bool   $tls    Start TLS
     * @param  bool   $verify Skip SSL certificate verification
     * @return Client
@@ -88,7 +88,12 @@ class Client
            putenv('LDAPTLS_REQCERT=never');
        }

-        $this->ldap = @ldap_connect($server, $port);
+        if (filter_var($server, FILTER_VALIDATE_URL) !== false) {
+            $this->ldap = @ldap_connect($server);
+        }
+        else {
+            $this->ldap = @ldap_connect($server, $port);
+        }

        if ($this->ldap === false) {
            throw new ConnectionException('Malformed LDAP server hostname or LDAP server port');
--- a/app/Core/Ldap/User.php
+++ b/app/Core/Ldap/User.php
@@ -342,10 +342,6 @@ class User
     */
    public function getBaseDn()
    {
-        if (! LDAP_USER_BASE_DN) {
-            throw new LogicException('LDAP user base DN empty, check the parameter LDAP_USER_BASE_DN');
-        }
-
        return LDAP_USER_BASE_DN;
    }