Bon finalement on a trouvé un moyen de résoudre notre problème
Nous avons modifié la fonction ldap_authenticate dans core\ldap_api.php de tel façon qu&
#039;elle boucle sur un nombre de ldap_root_dn définis dans le fichier de configuration config_inc.php:
In config_inc.php
$g_ldap_root_dn1 = ...
$g_ldap_root_dn2 = ...
we also added a new variable
$g_ldap_root_dn_count = 2; # Dans notre cas
# --------------------
# Attempt to authenticate the user against the LDAP directory
# return true on successful authentication, false otherwise
function ldap_authenticate( $p_user_id, $p_password ) {
# if password is empty and ldap allows anonymous login, then
# the user will be able to login, hence, we need to check
# for this special case.
if ( is_blank( $p_password ) ) {
return false;
}
$t_ldap_organization = config_get( &
#039;ldap_organization&
#039; );
$t_username = user_get_field( $p_user_id, &
#039;username&
#039; );
$t_ldap_uid_field = config_get( &
#039;ldap_uid_field&
#039;, &
#039;uid&
#039; ) ;
$t_search_filter = "(&$t_ldap_organization($t_ldap_uid_field=$t_username))";
$t_search_attrs = array( $t_ldap_uid_field, &
#039;dn&
#039; );
$t_ds = ldap_connect_bind();
# Search for the user id in DNs
$t_authenticated = false;
$t_ldap_root_dn_count = config_get( &
#039;ldap_root_dn_count&
#039;
for ( $j = 1 ; $j <= $t_ldap_root_dn_count ; $j++ ) {
$t_ldap_root_dn = config_get( &
#039;ldap_root_dn&
#039;.$j);
$t_sr = ldap_search( $t_ds, $t_ldap_root_dn, $t_search_filter, $t_search_attrs );
$t_info = ldap_get_entries( $t_ds, $t_sr );
if ( $t_info ) {
# Try to authenticate to each until we get a match
for ( $i = 0 ; $i < $t_info[&
#039;count&
#039;] ; $i++ ) {
$t_dn = $t_info[$i][&
#039;dn&
#039;];
# Attempt to bind with the DN and password
if ( @ldap_bind( $t_ds, $t_dn, $p_password ) ) {
$t_authenticated = true;
break; # Don&
#039;t need to go any further
}
}
}
ldap_free_result( $t_sr );
}
ldap_unbind( $t_ds );
return $t_authenticated;
}
Bon je suis sur que le code peut être optimisé... mais comme il fonctionne en état ca me va !
C.