Linux ITDB+LDAP implements the functions that ITDB imports into LDAP users

: In the hardware management of ITDB, it is necessary to assign users to the hardware. This user wants to import from LDAP users. Process: 1. Import the LDAP into the database of ITDB, you can. However, after the import is successful, these users can also log in to the ITDB. The permissions of the ITDB users added by default from LDAP are read-only. Solution: How to import users into ITDB? When is it imported? Import when logging in? Or import when assigning users to hardware? One point to note here is that the ITDB itself has also developed a combination of LDAP functionality. But the official update log shows that the LDAP function is immature, thinking that it can only meet the basic needs of shared LDAP users. The authority control is also relatively simple. Either join the LDAP with read-only permissions, or set to full permissions. (You can add it separately, you can also modify the parameters from the configuration file before importing, it should be in the initialization file, init.php) How does the ITDB itself join the LDAP user? ? ? First admin/admin logs in to the ITDB system. Then set the information about the LDAP server in the settings. You can now log in using the user and password in LDAP. The first time you set it up, it certainly won't work. After you can connect to LDAP, you should consider when to import all users in LDAP (or you choose a branch) into the ITDB. Open the itdb-1.22 source code. Find the file init.php open. Pull to the bottom and find " ? >“ That is where the code ends. Insert the following code in the line before the question mark

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////1.16");//Connect to ldap server $srn1 = ldap_search($dsn1,"ou=People,dc=bawo,dc=cn","(cn=*)");//Query ou= People, dc=bawo, dc=cn, the result of cn, return to srn1 $infon1 = ldap_get_entries($dsn1, $srn1); //get the number of entries in srn1, save in infon1 array for ($ i = 1; $i < $infon1["count"]; $i++)//Start the loop to join the ITDB database //for ($i = 0; $i < 3; $i++)//this It is used for testing. Only the first three users of 0, 1, and 2 are added to the system, which is beneficial to delete { $usrn1=trim(strtolower($infon1[$i]["cn"][0])); /username becomes lowercase, then interrupt $u=0; $u=getuserbyname($usrn1);//getuserbuname is used to check if the username exists in the ITDB database, if it does not exist, Returns -1, or $u if it exists. If ($u==-1){ $rnd=mt_rand(); //createa random db_execute2($dbh, "IN SERT into users (username,cookie1,usertype) values ​​(:username,:cookie1,:usertype) ", array('username'=>$usrn1,'cookie1'=>$rnd,'usertype'=>2));//This usertype is to create the permissions granted by the user db_exec($dbh," ;UPDATE users set cookie1='$rnd' where username='$usrn1'",1,1); } }//////////////////////////////////////////////////////////////////// 
 
 The meaning of this code is that Just open the ITDB page, it will update the u=People, dc=bawo, dc=cn user in the LDAP to the ITDB database. It will be updated regardless of the success or failure of the login.