Fixed issue #9035: LDAP-search and bind not working with MS ActiveDir…

…ectory Dev: AD needs referrals disabled. Added option in Dev: plugin settings
LimeSurvey · May 19, 2014 · a1aebd6 · a1aebd6
1 parent b3674c5
commit a1aebd6
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/application/core/plugins/AuthLDAP/AuthLDAP.php b/application/core/plugins/AuthLDAP/AuthLDAP.php
@@ -30,6 +30,11 @@ class AuthLDAP extends AuthPluginBase
             'default' => '2',
             'submitonchange'=> true
             ),
+        'ldapoptreferrals' => array(
+            'type' => 'boolean',
+            'label' => 'Select true if referrals must be followed (use false for ActiveDirectory)',
+            'default' => '0'
+            ),
         'ldaptls' => array(
             'type' => 'boolean',
             'label' => 'Check to enable Start-TLS encryption When using LDAPv3',
@@ -152,6 +157,7 @@ public function getPluginSettings($getValues = true)
                 unset($aPluginSettings['extrauserfilter']);
                 unset($aPluginSettings['binddn']);
                 unset($aPluginSettings['bindpwd']);
+                unset($aPluginSettings['ldapoptreferrals']);
             }
         }
 
@@ -178,6 +184,7 @@ public function newUserSession()
         $ldapport   		= $this->get('ldapport');
         $ldapver    		= $this->get('ldapversion');
         $ldaptls    		= $this->get('ldaptls');
+        $ldapoptreferrals   = $this->get('ldapoptreferrals');
         $ldapmode    		= $this->get('ldapmode');
         $suffix     		= $this->get('domainsuffix');
         $prefix     		= $this->get('userprefix');
@@ -207,6 +214,7 @@ public function newUserSession()
             $ldapver = 2;
         }
         ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, $ldapver);
+        ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, $ldapoptreferrals);
 
         if (!empty($ldaptls) && $ldaptls == '1' && $ldapver == 3 && preg_match("/^ldaps:\/\//", $ldapserver) == 0 )
         {