first attempt of OpenLDAP check for disabled account (#44)

ltb-project · Oct 16, 2024 · 8f8ad29 · 8f8ad29
1 parent e049a6e
commit 8f8ad29
Showing 1 changed file with 17 additions and 2 deletions.
diff --git a/src/Ltb/Directory/OpenLDAP.php b/src/Ltb/Directory/OpenLDAP.php
@@ -231,8 +231,23 @@ public function disableAccount($ldap, $dn) : bool {
     }
 
     public function isAccountEnabled($ldap, $dn) : bool {
-        // Not implemented
-        return true;
+
+        # Get entry
+        $search = \Ltb\PhpLDAP::ldap_read($ldap, $dn, "(objectClass=*)", array('pwdAccountDisabled'));
+        $errno = \Ltb\PhpLDAP::ldap_errno($ldap);
+
+        if ( $errno ) {
+            error_log("LDAP - Search error $errno  (".ldap_error($ldap).")");
+            return false;
+        } else {
+            $entry = \Ltb\PhpLDAP::ldap_get_entries($ldap, $search);
+        }
+
+        if (empty($entry[0]['pwdAccountDisabled'])) {
+            return true;
+        } else {
+            return false;
+        }
     }
 
     public function getLdapDate($date) : string {