author | pb1dft <pb1dft@ampache> | 2006-10-16 21:33:32 +0000 |
---|---|---|
committer | pb1dft <pb1dft@ampache> | 2006-10-16 21:33:32 +0000 |
commit | fc27f3c7f30c06c9517772cf71976437cbac6807 (patch) | |
tree | b1673ce9511ba458b92b16ebdcc80199ca356529 | |
parent | be194f4f72443307998816293985831926460cce (diff) | |
download | ampache-fc27f3c7f30c06c9517772cf71976437cbac6807.tar.gz ampache-fc27f3c7f30c06c9517772cf71976437cbac6807.tar.bz2 ampache-fc27f3c7f30c06c9517772cf71976437cbac6807.zip |
Some major perfomance issues on large LDAP servers
-rw-r--r-- | config/ampache.cfg.php.dist | 12 | ||||
-rw-r--r-- | modules/vauth/auth.lib.php | 7 |
2 files changed, 15 insertions, 4 deletions
diff --git a/config/ampache.cfg.php.dist b/config/ampache.cfg.php.dist
index cfe5d409..84574391 100644
--- a/config/ampache.cfg.php.dist
+++ b/config/ampache.cfg.php.dist
@@ -310,6 +310,13 @@ refresh_limit = "60"
 # ldap_filter = "uid"
 # ldap_filter = "sAMAccountName"
+# LDAP objectclass it's required so if you don't know use *
+# OpanLDAP objectclass = "*"
+# MAD objectclass = "organizationalPerson"
+# DEFAULT null
+#ldap_objectclass = "*"
+#ldap_objectclass = "organizationalPerson"
+
 # if this is the case, fill these in here:
 # DEFAULT: null
 #ldap_username = ""
@@ -325,8 +332,7 @@ refresh_limit = "60"
 # This is the search dn used to find your user, uid=username is added on to
 # This string
 # DEFAULT: null
-#For OpenLDAP use ldap_search_dn = "ou=People,dc=yoursubdomain,dc=yourdomain,dc=yourtld?uid?sub?(objectclass=*)"
-#For MAD use ldap_search_dn = "ou=People,dc=yoursubdomain,dc=yourdomain,dc=yourtld"
+#ldap_search_dn = "ou=People,dc=yoursubdomain,dc=yourdomain,dc=yourtld"
 # This is the address of your ldap server
 # DEFAULT: null
@@ -334,6 +340,8 @@ refresh_limit = "60"
 # Specify where in your ldap db the following fields are stored:
 # (comment out if you don't have them)
+# OpenLDAP: ldap_name_field = "cn"
+# MAD ldap_name_field = "displayname"
 # DEFAULT: [none]
 #ldap_email_field = "mail"
 #ldap_name_field = "cn"
diff --git a/modules/vauth/auth.lib.php b/modules/vauth/auth.lib.php
index e383d0b5..aff9ee49 100644
--- a/modules/vauth/auth.lib.php
+++ b/modules/vauth/auth.lib.php
@@ -123,6 +123,9 @@ function vauth_ldap_auth($username, $password) {
 // This is the ldap filter string (required)
 $ldap_filter = vauth_conf('ldap_filter');
+ //This is the ldap objectclass (required)
+ $ldap_class = vauth_conf('ldap_objectclass');
+
 $ldap_name_field = vauth_conf('ldap_name_field');
 $ldap_email_field = vauth_conf('ldap_email_field');
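Review bot: `$ldap_class` is read from `vauth_conf('ldap_objectclass')` with no fallback, while the sample config in this same commit ships both `ldap_objectclass` lines commented out and labels the default as null. If the key is unset, the filter built later in this function would presumably become `(&(objectclass=)(...))`, which a directory server rejects, so an existing LDAP install could lose login after upgrading until the admin adds the setting. A defaulting line right after the read keeps the previous behaviour: `if (!$ldap_class) { $ldap_class = '*'; }`. The body of vauth_ldap_auth starts and ends outside this hunk, so whether an earlier check already covers this cannot be seen here.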
@@ -137,8 +140,8 @@ function vauth_ldap_auth($username, $password) {
 $results['error'] = "Could not bind to LDAP server.";
 return $results;
 } // If bind fails
-
- $sr = ldap_search($ldap_link, $ldap_dn, "($ldap_filter=$username)");
+
+ $sr = ldap_search($ldap_link, $ldap_dn, "(&(objectclass=$ldap_class)($ldap_filter=$username))");
 $info = ldap_get_entries($ldap_link, $sr);
 if ($info["count"] == 1) { |
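Review bot: `$username` still goes into the search filter unescaped on the new `ldap_search` line, so filter metacharacters typed at the login prompt (`*`, `(`, `)`, `\`) change what the directory is asked; the added objectclass clause does not address that. Escape the value before it is interpolated: on PHP 5.6 or later `ldap_escape($username, '', LDAP_ESCAPE_FILTER)`, on older runtimes a manual RFC 4515 escape of those characters and NUL. The result of `ldap_search` is also handed straight to `ldap_get_entries`; a guard such as `if (!$sr) { $results['error'] = "LDAP search failed."; return $results; }` would turn a rejected filter into a clean login failure. The function continues beyond the hunk, so how the single matched entry is used afterwards is not visible here.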