+Ver 1.70:
+* Add the /bin postgresql compatibility patch from Guy Fraser
+* Add ldap_userdn as a configuration directive. If set we use that for
+ user DN's (variables supported) instead of performing and ldap search for
+ each user. That can be somewhat faster.
Ver 1.68:
* Huge PostgreSQL compatibility patch by Guy Fraser <guy@incentre.net>
* Also support the Crypt-Password attribute in lib/sql/password_check.php3. Patch by Guy Fraser <guy@incentre.net>
sql errors. That can help in case there is one sql query which stops the whole failed logins
logging system from working
* Sort the servers list in failed_logins,user_stats,stats
-* Add the /bin postgresql compatibility patch from Guy Fraser
Ver 1.65:
* Add a captions.conf file with a few configurable captions for now
* Move the nas list to a separate file called naslist.conf
# ldap_filter: (&(uid=%u)(manager=uid=%U,ou=admins,o=company,c=com))
#
#ldap_filter: (uid=%u)
+#
+# If ldap_userdn is set then we use that for user dns, we don't perform an ldap
+# search. This can be somewhat faster. The variables supported for ldap_filter
+# are also supported here
+#
+#ldap_userdn: uid=%u,%{ldap_base}
#
$ds=@ldap_connect("$config[ldap_server]"); // must be a valid ldap server!
if ($ds) {
$r=@da_ldap_bind($ds,$config);
- if ($config[ldap_filter] != '')
- $filter = ldap_xlat($config[ldap_filter],$login,$config);
+ if ($config[ldap_userdn] == ''){
+ if ($config[ldap_filter] != '')
+ $filter = ldap_xlat($config[ldap_filter],$login,$config);
+ else
+ $filter = 'uid=' . $login;
+ }
+ else
+ $filter = ldap_xlat($config[ldap_userdn],$login,$config);
+ if ($config[ldap_debug] == 'true'){
+ if ($config[ldap_userdn] == '')
+ print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$filter'</b><br>\n";
+ else
+ print "<b>DEBUG(LDAP): Search Query: BASE='$filter',FILTER='(objectclass=radiusprofile)'</b><br>\n";
+ }
+ if ($config[ldap_userdn] == '')
+ $sr=@ldap_search($ds,"$config[ldap_base]", $filter);
else
- $filter = 'uid=' . $login;
- if ($config[ldap_debug] == 'true')
- print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$filter'</b><br>\n";
- $sr=@ldap_search($ds,"$config[ldap_base]", $filter);
+ $sr=@ldap_read($ds,$filter, '(objectclass=radiusprofile)');
$info = @ldap_get_entries($ds, $sr);
$dn = $info[0]['dn'];
if ($dn == '')