This script is intended to help separate LDAP Drupal module configuration and bugs from LDAP server, PHP LDAP extension, and related connectivity and LDAP permissions issues. It uses the PHP LDAP extension functions such as ldap_connect(), ldap_search(), etc. rather than the Drupal LDAP module code.
Watch out for the following:
-- The test script does not depend on the Drupal LDAP module and should not be run within a web server context. -- Command-line PHP with the LDAP extension enabled is required.
-- Command-line PHP often uses a different php.ini than the web server, so the LDAP extension may be enabled for one and not the other. See http://php.net/manual/features.commandline.php
Additional background on prerequisites and on debugging the Drupal LDAP module is available at:
http://drupal.org/node/1023900
http://drupal.org/node/1141764
--------------------------------
Running the Script
--------------------------------
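1. Copy this directory (ldap_test_script) outside of web root, so that neither the script nor its config file (which holds the LDAP bind password) can be requested through the web server.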
2. Edit config.inc to reflect your server configuration. The array is in the form:
$config['servers'][<server friendly name>][<server param>] = value
$config['servers'][<server friendly name>]['test_queries'][<query name>] = array of test query data
$config['servers'][<server friendly name>]['test_provisions'][<provision name>] = array of test provision data
In the provisioning part of the array:
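'delete_if_exists' TRUE | FALSE indicates whether the provisioned object should be deleted if it already exists. Use a DN reserved for testing, since the entry matched by 'find_filter' is deleted when this is TRUE.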
'find_filter' is the filter used to find the object, e.g. 'cn=jdoe', 'distinguishedname=...' (This is needed only if delete_if_exists is TRUE)
'attr' is the array of attribute/value pairs to provision; it should not include 'dn'.
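such as the following (all values are placeholders; note that a simple bind on port 389 without TLS sends 'server_bind_pw' over the network in cleartext, so enable 'server_tls' where the server supports it):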
array(
'servers' => array(
'default' => array(
'server_address' => 'ad.mycollege.edu',
'server_port' => 389,
'server_tls' => FALSE,
'server_bind_method' => LDAP_SERVERS_BIND_METHOD_SERVICE_ACCT,
'server_base_dn' => 'ou=people,dc=ad,dc=mycollege,dc=edu',
'server_bind_dn' => 'cn=ldap-service-account,ou=service accounts,dc=ad,dc=mycollege,dc=edu',
'server_bind_pw' => 'password_here',
'test_queries' => array(
'user' => array(
'filter' => 'cn=jbarclay',
'show_attr' => array('dn','cn','displayname','sn','givenname','mail','samaccountname','email'),
),
),
'test_provisions' => array(
'simple_user' => array(
'dn' => "cn=ed-drupal-user-17,ou=people,dc=ad,dc=mycollege,dc=edu",
'delete_if_exists' => TRUE,
'find_filter' => "distinguishedName=cn=ed-drupal-user-17,ou=people,dc=ad,dc=mycollege,dc=edu",
'attr' => array(
"displayName" => "Drupal User",
"cn" => 'ed-drupal-user-17',
"samaccountname" => 'ed-drupal-user-17',
"objectclass" => array(
"top", "person", "organizationalPerson", "user",
),
"description" => "test user",
'mail' => 'ed-drupal-user-17@ad.mycollege.edu',
'givenName' => 'Drupal',
'sn' => 'User',
'distinguishedName' => "cn=ed-drupal-user-17,ou=people,dc=ad,dc=mycollege,dc=edu",
),
),
'simple_group' => array(
'dn' => "cn=ed-drupal-group2,ou=groups,dc=ad,dc=mycollege,dc=edu",
'delete_if_exists' => TRUE,
'find_filter' => "distinguishedName=cn=ed-drupal-group2,ou=groups,dc=ad,dc=mycollege,dc=edu",
'attr' => array(
"cn" => 'ed-drupal-group2',
"sAMAccountName" => 'ed-drupal-group2',
'instanceType' => '4',
"objectClass" => array(
"top", "group",
),
'name' => 'ed-drupal-group2',
'objectCategory' => 'CN=Group,CN=Schema,CN=Configuration,dc=mycollege,dc=edu',
'distinguishedName' => "cn=ed-drupal-group2,ou=groups,dc=ad,dc=mycollege,dc=edu",
),
),
),
);
3. Comment out the die() statement near the top of config.php
That is:
die('Move this..
Becomes:
// die('Move this...
4. From the ldap_test_script directory, type:
php test.php