From: kkalev Date: Sun, 13 Oct 2002 18:46:48 +0000 (+0000) Subject: Map a specific username to the directory manager if we are using ldap and http authen... X-Git-Url: https://git.entuzijast.net/?a=commitdiff_plain;h=f1622307af1fa6befd9b552a101eef3161734bd0;p=freeradius-dialup-admin.git Map a specific username to the directory manager if we are using ldap and http authentication --- diff --git a/Changelog b/Changelog index 8273aaa..7c24093 100644 --- a/Changelog +++ b/Changelog @@ -26,6 +26,7 @@ Ver 1.60: user_info will not work in that case. * Fix a small bug in lib/ldap/defaults.php3. We should not be using $i in a for() loop but a new variable * Add a comment in admin.conf about ldap server failover +* Map a specific username to the directory manager if we are using ldap and http authentication Ver 1.59: * Small html fixes in user_edit.php3 and password.php3 * Show number of failed logins in the last 7 days in the user admin page diff --git a/conf/admin.conf b/conf/admin.conf index c5ea4e7..f9cc061 100644 --- a/conf/admin.conf +++ b/conf/admin.conf @@ -143,6 +143,13 @@ ldap_regular_profile_attr: dialupregularprofile # with a filter of (uid=). Normally, the anonymous (empty DN) # user can do that. #ldap_use_http_credentials: yes +# +# If we are using http credentials we can map a specific username to the +# directory manager (which usually does not correspond to a specific username) +# +#ldap_directory_manager: cn=Directory Manager +#ldap_map_to_directory_manager: admin + # # can be one of mysql,pg where: diff --git a/lib/ldap/functions.php3 b/lib/ldap/functions.php3 index a1170d6..ac095c6 100644 --- a/lib/ldap/functions.php3 +++ b/lib/ldap/functions.php3 @@ -6,6 +6,10 @@ function da_ldap_bind($ds,$config) global $HTTP_SERVER_VARS; $din = $HTTP_SERVER_VARS["PHP_AUTH_USER"]; $pass = $HTTP_SERVER_VARS["PHP_AUTH_PW"]; + if ($config[ldap_map_to_directory_manager] != '' && + $din == $config[ldap_map_to_directory_manager] && + $config[ldap_directory_manager] != '') + $din = $config[ldap_directory_manager]; } if ($config[ldap_use_http_credentials] != 'yes' || ($din == '' && $pass == '')){