use uniquemember instead of deprecated memberuid to identify LDAP group members....

diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index fe0789cdeb7743fd58d50c8ebd5f96e11c1af2be..df82162a67f785583a4a1d05d1ca2f89070545ab 100644 (file)
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -25,12 +25,10 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
 //     //group specific settings
        protected $ldapGroupFilter;
        protected $ldapGroupDisplayName;
-       protected $ldapGroupMemberAttr;
 
        public function __construct() {
                $this->ldapGroupFilter      = OC_Appconfig::getValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
                $this->ldapGroupDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_group_display_name', 'cn');
-               $this->ldapGroupMemberAttr  = OC_Appconfig::getValue('user_ldap', 'ldap_group_member_attr', 'memberUid');
        }
 
        /**
@@ -83,7 +81,17 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
                        $this->ldapGroupDisplayName.'='.$gid
                ));
 
-               return $this->retrieveList($filter, $this->ldapGroupMemberAttr, false);
+               $userDNs = $this->retrieveList($filter, LDAP_GROUP_MEMBER_ASSOC_ATTR, false);
+               $users = array();
+               $attr = OC_LDAP::conf('ldapUserDisplayName');
+               foreach($userDNs as $dn) {
+                       $uid = OC_LDAP::readAttribute($dn, $attr);
+                       if($uid) {
+//                     if(($uid = OC_LDAP::readAttribute($dn, $attr)) != false){
+                               $users[] = $uid;
+                       }
+               }
+               return $users;
        }
 
        /**

diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index 752ac4f22896ead44605f084fafd866ce40bf435..bd5f290779f1b0ff38b8eb249081774bfc69a3e3 100644 (file)
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -21,7 +21,7 @@
  *
  */
 
-define('LDAP_GROUP_MEMBER_ASSOC_ATTR','memberUid');
+define('LDAP_GROUP_MEMBER_ASSOC_ATTR','uniquemember');
 
 //needed to unbind, because we use OC_LDAP only statically
 class OC_LDAP_DESTRUCTOR {
@@ -66,6 +66,27 @@ class OC_LDAP {
                }
        }
 
+       /**
+        * @brief reads a given attribute for an LDAP record identified by a DN
+        * @param $dn the record in question
+        * @param $attr the attribute that shall be retrieved
+        * @returns the value on success, false otherwise
+        *
+        * Reads an attribute from an LDAP entry
+        */
+       static public function readAttribute($dn, $attr) {
+               $attr = strtolower($attr);
+               $cr = self::getConnectionResource();
+
+               $rr = ldap_read($cr, $dn, 'objectClass=*', array($attr));
+               $er = ldap_first_entry($cr, $rr);
+               $result = ldap_get_attributes($cr, $er);
+               if($result['count'] > 0){
+                       return $result[$attr][0];
+               }
+               return false;
+       }
+
        /**
         * @brief executes an LDAP search, optimized for Users
         * @param $filter the LDAP filter for the search