authorArthur Schiwon <blizzz@owncloud.com>2013-09-29 23:53:14 +0200
committerArthur Schiwon <blizzz@owncloud.com>2013-10-17 19:13:14 +0200
commit8290929aa6fcb1e62e79d7acf8bf310c8d6f94d7 (patch)
tree5c688ce66b447650c661c97344fcd82f79ec0512 /apps/user_ldap/lib
parent7c60384f20a1f5b9dea2288d8b39c5f556b4348f (diff)
LDAP Wizard: autodetect base DN
Diffstat (limited to 'apps/user_ldap/lib')
-rw-r--r--apps/user_ldap/lib/helper.php21
-rw-r--r--apps/user_ldap/lib/ildapwrapper.php8
-rw-r--r--apps/user_ldap/lib/ldap.php4
-rw-r--r--apps/user_ldap/lib/wizard.php79
4 files changed, 104 insertions, 8 deletions
diff --git a/apps/user_ldap/lib/helper.php b/apps/user_ldap/lib/helper.php
index 4c9dd07a12c..09f646921e3 100644
--- a/apps/user_ldap/lib/helper.php
+++ b/apps/user_ldap/lib/helper.php
@@ -161,4 +161,25 @@ class Helper {
return true;
}
+
+ /**
+ * @brief extractsthe domain from a given URL
+ * @param $url the URL
+ * @return mixed, domain as string on success, false otherwise
+ */
+ static public function getDomainFromURL($url) {
+ $uinfo = parse_url($url);
+ if(!is_array($uinfo)) {
+ return false;
+ }
+
+ $domain = false;
+ if(isset($uinfo['host'])) {
+ $domain = $uinfo['host'];
+ } else if(isset($uinfo['path'])) {
+ $domain = $uinfo['path'];
+ }
+
+ return $domain;
+ }
}
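Review bot: The `path` fallback in `getDomainFromURL()` returns whatever `parse_url()` put into `path`, so a scheme-less host value with a trailing path (for example `ldap.example.com/foo`, a constructed sample) comes back with the slash and everything after it. The wizard later splits this value on `.` to build an LDAP search base, so the helper should only return bare hostnames, e.g. add `if(strpos($domain, '/') !== false) { return false; }` before the final `return $domain;`. The docblock has a typo (`extractsthe`) and should mention the fallback: `@brief extracts the domain from a given URL; a scheme-less value is taken from the parsed path`. The enclosing `Helper` class starts outside this hunk.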
diff --git a/apps/user_ldap/lib/ildapwrapper.php b/apps/user_ldap/lib/ildapwrapper.php
index 9e6bd56ef2a..5e12c7c63b9 100644
--- a/apps/user_ldap/lib/ildapwrapper.php
+++ b/apps/user_ldap/lib/ildapwrapper.php
@@ -68,6 +68,14 @@ interface ILDAPWrapper {
public function controlPagedResultResponse($link, $result, &$cookie);
/**
+ * @brief Count the number of entries in a search
+ * @param $link LDAP link resource
+ * @param $result LDAP result resource
+ * @return mixed, number of results on success, false otherwise
+ */
+ public function countEntries($link, $result);
+
+ /**
* @brief Return the LDAP error number of the last LDAP command
* @param $link LDAP link resource
* @return error message as string
diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php
index b63e969912a..13314462b8c 100644
--- a/apps/user_ldap/lib/ldap.php
+++ b/apps/user_ldap/lib/ldap.php
@@ -49,6 +49,10 @@ class LDAP implements ILDAPWrapper {
$isCritical, $cookie);
}
+ public function countEntries($link, $result) {
+ return $this->invokeLDAPMethod('count_entries', $link, $result);
+ }
+
public function errno($link) {
return $this->invokeLDAPMethod('errno', $link);
}
diff --git a/apps/user_ldap/lib/wizard.php b/apps/user_ldap/lib/wizard.php
index 04802205cd4..ad71fd10f63 100644
--- a/apps/user_ldap/lib/wizard.php
+++ b/apps/user_ldap/lib/wizard.php
@@ -89,6 +89,10 @@ class Wizard extends LDAPUtility {
return false;
}
+ /**
+ * @brief tries to determine a base dn from User DN or LDAP Host
+ * @returns mixed WizardResult on success, false otherwise
+ */
public function guessBaseDN() {
if(!$this->checkRequirements(array('ldapHost',
'ldapAgentName',
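Review bot: The new docblock on `guessBaseDN()` uses `@returns`, while every other docblock in this commit uses `@return`, so documentation tooling will likely miss the return description. It also omits that the method can throw: `testBaseDN()`, added later in this commit, raises an exception when no connection is available, so "false otherwise" is not the only failure path. I would write `@return mixed WizardResult on success, false otherwise` and add `@throws \Exception if no LDAP connection can be established`. The body of `guessBaseDN()` continues past the end of this hunk.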
@@ -97,10 +101,52 @@ class Wizard extends LDAPUtility {
))) {
return false;
}
- $cr = $this->getConnection();
- if(!$cr) {
+
+ //check whether a DN is given in the agent name (99.9% of all cases)
+ $base = null;
+ $i = stripos($this->configuration->ldapAgentName, 'dc=');
+ if($i !== false) {
+ $base = substr($this->configuration->ldapAgentName, $i);
+
+ if($this->testBaseDN($base)) {
+ $this->applyFind('ldap_base', $base);
+ $this->applyFind('ldap_base_users', $base);
+ $this->applyFind('ldap_base_groups', $base);
+ return $this->result;
+ }
+ }
+
+ //this did not help :(
+ //Let's see whether we can parse the Host URL and convert the domain to
+ //a base DN
+ $domain = Helper::getDomainFromURL($this->configuration->ldapHost);
+ if(!$domain) {
return false;
}
+
+ $dparts = explode('.', $domain);
+ $base2 = implode('dc=', $dparts);
+ if($base !== $base2 && $this->testBaseDN($base2)) {
+ $this->applyFind('ldap_base', $base2);
+ $this->applyFind('ldap_base_users', $base2);
+ $this->applyFind('ldap_base_groups', $base2);
+ return $this->result;
+ }
+
+ return false;
+ }
+
+ /**
+ * @brief sets the found value for the configuration key in the WizardResult
+ * as well as in the Configuration instance
+ * @param $key the configuration key
+ * @param $value the (detected) value
+ * @return null
+ *
+ */
+ private function applyFind($key, $value) {
+ $this->result->addChange($key, $value);
+ $this->configuration->setConfiguration(array($key => $value));
}
/**
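Review bot: `$base2 = implode('dc=', $dparts);` does not produce a DN. For a host such as `ldap.example.com` (constructed sample) it yields `ldapdc=exampledc=com`, so the host-based fallback in `guessBaseDN()` can never pass `testBaseDN()`. The line should be `$base2 = 'dc=' . implode(',dc=', $dparts);`. The labels also go into the DN unescaped and unfiltered. Because `ldapHost` is configuration input, it would be safer to reject empty labels and anything outside hostname characters before building the search base, and to skip the fallback when the host is an IP address. Whether the leading host label (`ldap`) belongs in the base is a separate question the code does not address.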
@@ -116,13 +162,30 @@ class Wizard extends LDAPUtility {
if(is_array($hostInfo) && isset($hostInfo['port'])) {
$port = $hostInfo['port'];
$host = str_replace(':'.$port, '', $host);
- $config = array('ldapHost' => $host,
- 'ldapPort' => $port,
- );
- $this->result->addChange('ldap_host', $host);
- $this->result->addChange('ldap_port', $port);
- $this->configuration->setConfiguration($config);
+ $this->applyFind('ldap_host', $host);
+ $this->applyFind('ldap_port', $port);
+ }
+ }
+
+ /**
+ * @brief Checks whether for a given BaseDN results will be returned
+ * @param $base the BaseDN to test
+ * @return bool true on success, false otherwise
+ */
+ private function testBaseDN($base) {
+ $cr = $this->getConnection();
+ if(!$cr) {
+ throw new \Excpetion('Could not connect to LDAP');
+ }
+
+ //base is there, let's validate it. If we search for anything, we should
+ //get a result set > 0 on a proper base
+ $rr = $this->ldap->search($cr, $base, 'objectClass=*', array('dn'), 0, 1);
+ if(!$this->ldap->isResource($rr)) {
+ return false;
}
+ $entries = $this->ldap->countEntries($cr, $rr);
+ return ($entries !== false) && ($entries > 0);
}
/**
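Review bot: `throw new \Excpetion('Could not connect to LDAP');` in `testBaseDN()` misspells the class name. When `getConnection()` fails, PHP will abort with a class-not-found fatal error instead of raising a catchable exception, and the wizard request dies without a clean error result. It should read `throw new \Exception('Could not connect to LDAP');`. The docblock says `@return bool true on success, false otherwise` but does not mention the throw, so add `@throws \Exception if no LDAP connection can be established`. It is worth checking that the caller of `guessBaseDN()` catches this, since that method documents only a `false` return on failure.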