Tickets :: 0001-Adding-config-parameter-to-check-if-user-should-be-s.patch

From 6f2dc0e2ecaf60c80807c825497359594079e02a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felipe=20Zipitr=C3=ADa?= <fzipi@fing.edu.uy>
Date: Wed, 20 Nov 2013 12:19:58 -0200
Subject: [PATCH] Adding config parameter to check if user should be searched
 by DN

---
 passwd/config/backends.php |  6 +++++-
 passwd/lib/Driver/Ldap.php | 11 ++++++-----
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/passwd/config/backends.php b/passwd/config/backends.php
index db45829..63062b0 100644
--- a/passwd/config/backends.php
+++ b/passwd/config/backends.php
@@ -207,8 +207,12 @@ $backends['ldap'] = array(
         // Whether to enable TLS for this LDAP connection
         // Note: make sure that the host matches cn in the server certificate.
         'tls' => false,
-        // Determine the user's DN. %u will be replaced by the user's ID.
+        // If you know that all your user's DN share the same OU, or O, use this option.
+        // %u will be replaced by the user's ID.
         //'userdn' => 'uid=%u,o=example.com'
+        // If your user's DN are on sub OUs, and you need to find by DN, set this option to true.
+        // Note: a search will be performed every time, to find the correct DN for each user.
+        // 'search_userdn' => true
     ),
 );
 
diff --git a/passwd/lib/Driver/Ldap.php b/passwd/lib/Driver/Ldap.php
index b589bef..50eb153 100644
--- a/passwd/lib/Driver/Ldap.php
+++ b/passwd/lib/Driver/Ldap.php
@@ -101,12 +101,13 @@ class Passwd_Driver_Ldap extends Passwd_Driver
             $user .= '@' . $this->_params['realm'];
         }
 
-        // Try to get the user's dn from config.
-        if (isset($this->_params['userdn'])) {
-            $this->_userdn = str_replace('%u', $user, $this->_params['userdn']);
-        } else {
+		// Check if we need to find user by DN
+        if (!empty($this->_params['search_userdn'])) {
             // @todo Fix finding the user DN.
-            // $this->_userdn = $this->_ldap->findUserDN($user);
+            $this->_userdn = $this->_ldap->findUserDN($user);
+        } elseif (isset($this->_params['userdn'])) {// Try to get the user's dn from config.
+                $this->_userdn = str_replace('%u', $user, $this->_params['userdn']);
+        } else {
             $this->_userdn = $this->_params['uid'] . '=' . $user . ',' . $this->_params['basedn'];
         }
 
-- 
1.8.3.1