| 20,6 → 20,7 |
|---|
| LDAP_PASSWORD=$(grep '^LDAP_PASSWORD=' $CONF_FILE | cut -d"=" -f2-) # its password |
| LDAP_BASE=$(grep '^LDAP_BASE=' $CONF_FILE | cut -d"=" -f2-) # Where to find the users (cn=**,dc=**,dc=**) |
| LDAP_UID=$(grep '^LDAP_UID=' $CONF_FILE | cut -d"=" -f2) # 'samaccountname' for A.D. - 'UID' for LDAP |
| LDAP_FILTER=$(grep '^LDAP_FILTER=' $CONF_FILE | cut -d"=" -f2-) # LDAP filter |
| LDAP_SSL=$(grep '^LDAP_SSL=' $CONF_FILE | cut -d"=" -f2-) # LDAP SSL status |
| LDAP_CERT_REQUIRED=$(grep '^LDAP_CERT_REQUIRED=' $CONF_FILE | cut -d"=" -f2-) # LDAP SSL certificate verifying |
| |
| 51,7 → 52,8 |
|---|
| $SED "s/^\tidentity =.*/\tidentity = \"${LDAP_USER//\"/\\\\\\\"}\"/g" $LDAP_MODULE |
| $SED "s/^\tpassword =.*/\tpassword = \"${LDAP_PASSWORD//\"/\\\\\\\"}\"/g" $LDAP_MODULE |
| $SED "s/^\tbase_dn =.*/\tbase_dn = \"${LDAP_BASE//\"/\\\\\\\"}\"/g" $LDAP_MODULE |
| $SED "s/^\t\tfilter =.*/\t\tfilter = \"(${LDAP_UID//\"/\\\\\\\"}=%{%{Stripped-User-Name}:-%{User-Name}})\"/g" $LDAP_MODULE |
| [ -n "$LDAP_FILTER" ] && filter="$LDAP_FILTER" || filter='&' |
| $SED "s/^\t\tfilter =.*/\t\tfilter = \"(\&(${LDAP_UID//\"/\\\\\\\"}=%{%{Stripped-User-Name}:-%{User-Name}})($filter))\"/g" $LDAP_MODULE |
| if [ ! -e /etc/raddb/mods-enabled/ldap ]; then |
| ln -s $LDAP_MODULE /etc/raddb/mods-enabled/ldap |
| fi |
| 104,7 → 106,8 |
|---|
| else |
| protocol='ldap' |
| fi |
| /usr/bin/ldapsearch $debugOpt -LLL -H "$protocol://$LDAP_SERVER" -x -D "$LDAP_USER" -w "$LDAP_PASSWORD" -b "$LDAP_BASE" "($LDAP_UID=*)" 1.1 |
| [ -n "$LDAP_FILTER" ] && filter="$LDAP_FILTER" || filter='&' |
| /usr/bin/ldapsearch $debugOpt -LLL -H "$protocol://$LDAP_SERVER" -x -D "$LDAP_USER" -w "$LDAP_PASSWORD" -b "$LDAP_BASE" "(&($LDAP_UID=*)($filter))" 1.1 |
| ;; |
| *) |
| echo "Argument inconnu : $1"; |