MDL-47004 LDAP: improved the default objectClass setting for AD.

auth/cas/db/upgrade.php

@@ -58,5 +58,18 @@ function xmldb_auth_cas_upgrade($oldversion) {
     // Moodle v2.8.0 release upgrade line.
     // Put any upgrade step following this.
 
+    if ($oldversion < 2014111001) {
+        global $DB;
+        // From now on the default LDAP objectClass setting for AD has been changed, from 'user' to '(samaccounttype=805306368)'.
+        if (is_enabled_auth('cas')
+                && ($DB->get_field('config_plugins', 'value', array('name' => 'user_type', 'plugin' => 'auth/cas')) === 'ad')
+                && ($DB->get_field('config_plugins', 'value', array('name' => 'objectclass', 'plugin' => 'auth/cas')) === '')) {
+            // Save the backwards-compatible default setting.
+            set_config('objectclass', 'user', 'auth/cas');
+        }
+
+        upgrade_plugin_savepoint(true, 2014111001, 'auth', 'cas');
+    }
+
     return true;
 }

auth/cas/version.php

@@ -26,7 +26,7 @@
 
 defined('MOODLE_INTERNAL') || die();
 
-$plugin->version   = 2014111000;        // The current plugin version (Date: YYYYMMDDXX)
+$plugin->version   = 2014111001;        // The current plugin version (Date: YYYYMMDDXX)
 $plugin->requires  = 2014110400;        // Requires this Moodle version
 $plugin->component = 'auth_cas';        // Full name of the plugin (used for diagnostics)
 

auth/ldap/db/upgrade.php

@@ -48,5 +48,18 @@ function xmldb_auth_ldap_upgrade($oldversion) {
     // Moodle v2.8.0 release upgrade line.
     // Put any upgrade step following this.
 
+    if ($oldversion < 2014111001) {
+        global $DB;
+        // From now on the default LDAP objectClass setting for AD has been changed, from 'user' to '(samaccounttype=805306368)'.
+        if (is_enabled_auth('ldap')
+                && ($DB->get_field('config_plugins', 'value', array('name' => 'user_type', 'plugin' => 'auth/ldap')) === 'ad')
+                && ($DB->get_field('config_plugins', 'value', array('name' => 'objectclass', 'plugin' => 'auth/ldap')) === '')) {
+            // Save the backwards-compatible default setting.
+            set_config('objectclass', 'user', 'auth/ldap');
+        }
+
+        upgrade_plugin_savepoint(true, 2014111001, 'auth', 'ldap');
+    }
+
     return true;
 }

auth/ldap/version.php

@@ -25,6 +25,6 @@
 
 defined('MOODLE_INTERNAL') || die();
 
-$plugin->version   = 2014111000;        // The current plugin version (Date: YYYYMMDDXX)
+$plugin->version   = 2014111001;        // The current plugin version (Date: YYYYMMDDXX)
 $plugin->requires  = 2014110400;        // Requires this Moodle version
 $plugin->component = 'auth_ldap';       // Full name of the plugin (used for diagnostics)

lib/db/upgrade.php

@@ -4347,6 +4347,5 @@ function xmldb_main_upgrade($oldversion) {
         upgrade_main_savepoint(true, 2015040900.03);
     }
 
-
     return true;
 }

lib/ldaplib.php

@@ -64,7 +64,7 @@ function ldap_getdefaults() {
                         'rfc2307' => 'posixaccount',
                         'rfc2307bis' => 'posixaccount',
                         'samba' => 'sambasamaccount',
-                        'ad' => 'user',
+                        'ad' => '(samaccounttype=805306368)',
                         'default' => '*'
                         );
     $default['user_attribute'] = array(