Add ldap_userdn as a configuration directive. If set we use that for

user DN's (variables supported) instead of performing and ldap search for
each user. That can be somewhat faster.

diff --git a/dialup_admin/Changelog b/dialup_admin/Changelog
index 3f15eb7..1a7c3be 100644 (file)
--- a/dialup_admin/Changelog
+++ b/dialup_admin/Changelog
@@ -1,3 +1,8 @@
+Ver 1.70:
+* Add the /bin postgresql compatibility patch from Guy Fraser
+* Add ldap_userdn as a configuration directive. If set we use that for
+  user DN's (variables supported) instead of performing and ldap search for
+  each user. That can be somewhat faster.
 Ver 1.68:
 * Huge PostgreSQL compatibility patch by Guy Fraser <guy@incentre.net>
 * Also support the Crypt-Password attribute in lib/sql/password_check.php3. Patch by Guy Fraser <guy@incentre.net>
@@ -13,7 +18,6 @@ Ver 1.68:
   sql errors. That can help in case there is one sql query which stops the whole failed logins
   logging system from working
 * Sort the servers list in failed_logins,user_stats,stats
-* Add the /bin postgresql compatibility patch from Guy Fraser
 Ver 1.65:
 * Add a captions.conf file with a few configurable captions for now
 * Move the nas list to a separate file called naslist.conf

diff --git a/dialup_admin/conf/admin.conf b/dialup_admin/conf/admin.conf
index 6fefb56..076274d 100644 (file)
--- a/dialup_admin/conf/admin.conf
+++ b/dialup_admin/conf/admin.conf
@@ -195,6 +195,12 @@ ldap_regular_profile_attr: dialupregularprofile
 # ldap_filter: (&(uid=%u)(manager=uid=%U,ou=admins,o=company,c=com))
 #
 #ldap_filter: (uid=%u)
+#
+# If ldap_userdn is set then we use that for user dns, we don't perform an ldap
+# search. This can be somewhat faster. The variables supported for ldap_filter
+# are also supported here
+#
+#ldap_userdn: uid=%u,%{ldap_base}
 
 
 #

diff --git a/dialup_admin/lib/ldap/user_info.php3 b/dialup_admin/lib/ldap/user_info.php3
index 33fe3fb..45116b8 100644 (file)
--- a/dialup_admin/lib/ldap/user_info.php3
+++ b/dialup_admin/lib/ldap/user_info.php3
@@ -30,13 +30,24 @@ if ($config[general_decode_normal_attributes] == 'yes')
 $ds=@ldap_connect("$config[ldap_server]");  // must be a valid ldap server!
 if ($ds) {
        $r=@da_ldap_bind($ds,$config);
-       if ($config[ldap_filter] != '')
-               $filter = ldap_xlat($config[ldap_filter],$login,$config);
+       if ($config[ldap_userdn] == ''){
+               if ($config[ldap_filter] != '')
+                       $filter = ldap_xlat($config[ldap_filter],$login,$config);
+               else
+                       $filter = 'uid=' . $login;
+       }
+       else
+               $filter = ldap_xlat($config[ldap_userdn],$login,$config);
+       if ($config[ldap_debug] == 'true'){
+               if ($config[ldap_userdn] == '')
+                       print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$filter'</b><br>\n";
+               else
+                       print "<b>DEBUG(LDAP): Search Query: BASE='$filter',FILTER='(objectclass=radiusprofile)'</b><br>\n";
+       }
+       if ($config[ldap_userdn] == '')
+               $sr=@ldap_search($ds,"$config[ldap_base]", $filter);
        else
-               $filter = 'uid=' . $login;
-       if ($config[ldap_debug] == 'true')
-               print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$filter'</b><br>\n";
-       $sr=@ldap_search($ds,"$config[ldap_base]", $filter);
+               $sr=@ldap_read($ds,$filter, '(objectclass=radiusprofile)');
        $info = @ldap_get_entries($ds, $sr);
        $dn = $info[0]['dn'];
        if ($dn == '')