I'm going to post this to the group, in hopes that others might find it useful as well.
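This is what I'm using to do my LDAP stuff in my app. This model lives on a PHP5 system, so it might take a little bit of twiddling to get it running on a PHP4 install. It works with LDAP users as well as LDAP groups, and although it is in sore need of refactoring, I present it here, mostly just to show you how it might be implemented in Cake:

<?php
/**
 * CakePHP model backed by an LDAP directory instead of a database table.
 *
 * Handles people (entries under ou=<group>,ou=People) and groups
 * (ou=<group>,ou=People) through one shared connection that is bound
 * with the service account configured in $user / $pass.
 */
class LdapUser extends AppModel
{
    var $useTable = false;
    var $name = 'LdapUser';

    var $host = 'ldap.example.com';
    // NOTE(review): port 389 without StartTLS carries the service bind and
    // every password checked by auth() in cleartext. Call ldap_start_tls()
    // after setting protocol version 3, or connect with an ldaps:// URI,
    // once the directory supports it.
    var $port = 389;
    var $baseDn = 'dc=example,dc=com';

    // Service account used for searches and writes. The values below are
    // placeholders: load the real DN and password from configuration kept
    // outside the source tree, and prefer an account limited to the
    // ou=People subtree over a directory-wide admin.
    var $user = 'cn=admin,dc=example,dc=com';
    var $pass = 'secretgoeshere';

    var $validate = array(
        'givenName' => VALID_NOT_EMPTY,
        'sn' => VALID_NOT_EMPTY
    );

    // LDAP link identifier returned by ldap_connect().
    var $ds;

    // Person attributes that modify() clears when they are submitted empty.
    var $inetOrgPersonAttributes = array(
        'givenName', 'sn', 'title', 'street', 'l', 'st', 'postalCode',
        'telephoneNumber', 'homePhone', 'mobile', 'mail', 'ou'
    );

    // Group attributes that modifyOu() clears when they are submitted empty.
    var $ouAttributes = array(
        'postalAddress', 'l', 'st', 'postalCode', 'telephoneNumber',
        'facsimileTelephoneNumber'
    );

    /**
     * Opens the connection, selects LDAPv3 and binds as the service account.
     */
    function __construct()
    {
        parent::__construct();
        $this->ds = ldap_connect($this->host, $this->port);
        if ($this->ds) {
            ldap_set_option($this->ds, LDAP_OPT_PROTOCOL_VERSION, 3);
            $this->_bindAsAdmin();
        }
    }

    /**
     * Closes the connection if one was opened.
     */
    function __destruct()
    {
        if ($this->ds) {
            ldap_close($this->ds);
        }
    }

    /**
     * Checks a uid/password pair by binding as the matching entry.
     *
     * @param string $uid      Login name as typed by the user.
     * @param string $password Password as typed by the user.
     * @return bool True only when the directory accepted the bind.
     */
    function auth($uid, $password)
    {
        // A bind with a DN and an empty password is an "unauthenticated
        // bind"; servers that allow it report success, which would log
        // anyone in as any known uid. Reject it before touching the server.
        if (!is_scalar($password) || (string) $password === '') {
            return false;
        }
        if (!is_scalar($uid) || (string) $uid === '') {
            return false;
        }

        // The uid comes from the login form, so it is escaped before it is
        // placed in the search filter; wildcards and extra filter clauses
        // are matched literally instead of being interpreted.
        $result = $this->findAll('uid', $this->_escapeFilterValue($uid));
        if (!is_array($result) || empty($result['count']) || empty($result[0]['dn'])) {
            return false;
        }

        $ok = ldap_bind($this->ds, $result[0]['dn'], (string) $password);

        // The bind above changed the identity of the shared connection (to
        // the user on success, to anonymous on failure). Restore the
        // service bind so later searches behave as before the login check.
        $this->_bindAsAdmin();

        return $ok ? true : false;
    }

    /**
     * Searches for entries where $attribute matches $value.
     *
     * $attribute and $value are inserted into the filter unchanged so that
     * callers can use wildcards such as '*'. Anything that originates from
     * a request must be passed through _escapeFilterValue() first.
     *
     * @param string $attribute Attribute name to match.
     * @param string $value     Filter value, LDAP filter syntax allowed.
     * @param string $baseDn    Subtree to search.
     * @return array|null Result of ldap_get_entries(), or null if the search failed.
     */
    function findAll($attribute = 'uid', $value = '*', $baseDn = 'ou=People,dc=example,dc=com')
    {
        $r = ldap_search($this->ds, $baseDn, $attribute . '=' . $value);
        if (!$r) {
            return null;
        }
        // If the result contains entries with surnames, sort by surname.
        $this->_sort($r, 'sn');
        return ldap_get_entries($this->ds, $r);
    }

    /**
     * Searches with a complete, caller-built filter.
     *
     * The filter is used as given; build it only from trusted parts or from
     * values escaped with _escapeFilterValue().
     *
     * @param string $search Complete LDAP filter.
     * @param string $baseDn Subtree to search.
     * @return array|null Result of ldap_get_entries(), or null if the search failed.
     */
    function findAllMulti($search, $baseDn = 'dc=example,dc=com')
    {
        $r = ldap_search($this->ds, $baseDn, $search);
        if (!$r) {
            return null;
        }
        $this->_sort($r, 'ou');
        return ldap_get_entries($this->ds, $r);
    }

    /**
     * Creates a person entry at cn=<cn>,ou=<ou>,ou=People,dc=example,dc=com.
     *
     * @param array $data Attributes of the new entry; must contain cn and ou.
     * @return bool False on failure, with the LDAP error in $_SESSION['error_message'].
     */
    function add($data)
    {
        $data = $this->cleanArray($data);
        if (!$this->_bindAsAdmin()) {
            return $this->_report(false);
        }
        $dn = $this->_personDn($data['cn'], $data['ou']);
        return $this->_report(ldap_add($this->ds, $dn, $data));
    }

    /**
     * Creates a group entry at ou=<ou>,ou=People,dc=example,dc=com.
     *
     * @param array $data Attributes of the new entry; must contain ou.
     * @return bool False on failure, with the LDAP error in $_SESSION['error_message'].
     */
    function addGroup($data)
    {
        $data = $this->cleanArray($data);
        if (!$this->_bindAsAdmin()) {
            return $this->_report(false);
        }
        $dn = $this->_ouDn($data['ou']);
        return $this->_report(ldap_add($this->ds, $dn, $data));
    }

    /**
     * Updates a person entry and clears attributes submitted empty.
     *
     * @param string $oldCn Current cn of the entry.
     * @param array  $data  Submitted attributes; ou selects the group the entry lives in.
     * @return bool False on failure, with the LDAP error in $_SESSION['error_message'].
     */
    function modify($oldCn, $data)
    {
        $data = $this->cleanArray($data);
        // objectClass and the naming attribute are not changed here.
        unset($data['objectClass'], $data['cn']);
        if (!$this->_bindAsAdmin()) {
            return $this->_report(false);
        }
        $dn = $this->_personDn($oldCn, $data['ou']);
        if (!$this->_report(ldap_modify($this->ds, $dn, $data))) {
            return false;
        }
        $this->_deleteEmptyAttributes($dn, $this->inetOrgPersonAttributes, $data);
        return true;
    }

    /**
     * Updates a group entry and clears attributes submitted empty.
     *
     * NOTE(review): $oldOu is not used; the entry is located through
     * $data['ou'], as in the original code. Confirm that this is intended.
     *
     * @param string $oldOu Current ou of the group (unused).
     * @param array  $data  Submitted attributes; must contain ou.
     * @return bool False on failure, with the LDAP error in $_SESSION['error_message'].
     */
    function modifyOu($oldOu, $data)
    {
        $data = $this->cleanArray($data);
        unset($data['objectClass'], $data['cn']);
        if (!$this->_bindAsAdmin()) {
            return $this->_report(false);
        }
        $dn = $this->_ouDn($data['ou']);
        if (!$this->_report(ldap_modify($this->ds, $dn, $data))) {
            return false;
        }
        $this->_deleteEmptyAttributes($dn, $this->ouAttributes, $data);
        return true;
    }

    /**
     * Deletes the person entry whose cn equals $oldCn.
     *
     * @param string $oldCn cn of the entry to delete, matched literally.
     * @return bool False on failure, with the error in $_SESSION['error_message'].
     */
    function delete($oldCn)
    {
        if (!$this->_bindAsAdmin()) {
            return $this->_report(false);
        }
        // Escaped so that a cn containing '*' or parentheses cannot select
        // a different entry than the one named.
        $deadMeat = $this->findAll('cn', $this->_escapeFilterValue($oldCn));
        if (!is_array($deadMeat) || empty($deadMeat['count'])
            || !isset($deadMeat[0]['cn'][0], $deadMeat[0]['ou'][0])) {
            $_SESSION['error_message'] = 'No such object';
            return false;
        }
        $dn = $this->_personDn($deadMeat[0]['cn'][0], $deadMeat[0]['ou'][0]);
        return $this->_report(ldap_delete($this->ds, $dn));
    }

    /**
     * Removes every key whose value is empty.
     *
     * Emptiness is PHP truthiness, as in the original: '', null, false, 0,
     * '0' and empty arrays are all dropped.
     *
     * @param array $data Submitted attributes.
     * @return array The same attributes without the empty ones.
     */
    function cleanArray($data)
    {
        foreach (array_keys($data) as $key) {
            if (!$data[$key]) {
                unset($data[$key]);
            }
        }
        return $data;
    }

    /**
     * Binds the shared connection as the configured service account.
     *
     * @return bool Whether the bind succeeded.
     */
    function _bindAsAdmin()
    {
        if (!$this->ds) {
            return false;
        }
        return ldap_bind($this->ds, $this->user, $this->pass) ? true : false;
    }

    /**
     * Converts an LDAP call result into the model's bool/error convention.
     *
     * @param mixed $ok Return value of the LDAP call.
     * @return bool
     */
    function _report($ok)
    {
        if ($ok) {
            return true;
        }
        $_SESSION['error_message'] = $this->ds
            ? ldap_error($this->ds)
            : 'LDAP connection unavailable';
        return false;
    }

    /**
     * Sorts a search result where the runtime still provides ldap_sort().
     *
     * ldap_sort() was deprecated in PHP 7.0 and removed in PHP 8.0; on those
     * versions the entries are returned in server order.
     */
    function _sort($result, $attribute)
    {
        if (function_exists('ldap_sort')) {
            ldap_sort($this->ds, $result, $attribute);
        }
    }

    /**
     * Clears each listed attribute that is empty in $data.
     *
     * One request per attribute: a delete for an attribute the entry does
     * not carry fails on its own and cannot block the others. Such failures
     * are expected and ignored.
     */
    function _deleteEmptyAttributes($dn, $attributes, $data)
    {
        foreach ($attributes as $attr) {
            if (empty($data[$attr])) {
                ldap_mod_del($this->ds, $dn, array(strtolower($attr) => array()));
            }
        }
    }

    /**
     * Builds the DN of a person entry from escaped naming values.
     */
    function _personDn($cn, $ou)
    {
        return 'cn=' . $this->_escapeDnValue($cn) . ',' . $this->_ouDn($ou);
    }

    /**
     * Builds the DN of a group entry from an escaped ou value.
     */
    function _ouDn($ou)
    {
        return 'ou=' . $this->_escapeDnValue($ou) . ',ou=People,dc=example,dc=com';
    }

    /**
     * Escapes a value for use inside a search filter (RFC 4515).
     *
     * Hand-rolled so the model also runs where ldap_escape() (PHP 5.6+)
     * is not available.
     */
    function _escapeFilterValue($value)
    {
        // Backslash first, so the escapes added afterwards stay intact.
        return str_replace(
            array('\\', '*', '(', ')', "\0"),
            array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
            (string) $value
        );
    }

    /**
     * Escapes a value for use as an RDN value inside a DN (RFC 4514).
     *
     * Without this, a ',' '+' or '=' in a submitted cn or ou would change
     * which entry the DN points at.
     */
    function _escapeDnValue($value)
    {
        $value = str_replace(
            array('\\', ',', '+', '"', '<', '>', ';', '=', "\0"),
            array('\\5c', '\\2c', '\\2b', '\\22', '\\3c', '\\3e', '\\3b', '\\3d', '\\00'),
            (string) $value
        );
        // A leading space or '#' and a trailing space are significant in DN syntax.
        if ($value !== '' && ($value[0] === ' ' || $value[0] === '#')) {
            $value = sprintf('\\%02x', ord($value[0])) . substr($value, 1);
        }
        if (substr($value, -1) === ' ') {
            $value = substr($value, 0, -1) . '\\20';
        }
        return $value;
    }
}
?>

-- John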