我是一所小型学校的系统管理员,我正在尝试使用CLI PHP脚本将所有AD用户导入Joomla!数据库。这个脚本附带了JMapMyLDAP(顺便说一下,所有其他的工作都很棒)。我最初达到了1000个用户的限制,但那是'#34;修复"通过增加默认AD限制。但是,现在我在处理1015个用户后遇到了错误。我现在收到一条消息,说明有
用户:XXXX的致命错误(无法与代理用户绑定。) 剩下的成员有318个,我很肯定它不是权限问题,因为我可以通过测试工具绑定到这些帐户。
我包括PHP脚本,以便有人可以告诉我是否有办法绕过我在1015可能遇到的任何限制。我似乎无法找到指示实际问题是因为1015处似乎存在的唯一限制是您可以参与多少组。那不是我的问题......
如果可能的话,如果有人能找到一种方法来反转脚本数组,它也会有效。就像现在一样,1015个用户按字母顺序显示。脚本继续为这些用户执行,并在之后显示剩余318的错误,所以我的想法是,如果按字母顺序颠倒数组,那么脚本基本上只能从列表的底部开始工作它的方式。这不是理想的,但它也不是一个必须运行超过一次的脚本。
我已多次尝试排序,缩小范围或以其他方式超过我似乎能够使用的总数,但我对PHP几乎一无所知。
提前感谢大家的帮助和时间。
<?php
/**
* PHP Version 5.3
*
* @package Shmanic.CLI
* @author Shaun Maunder <shaun@shmanic.com>
*
* @copyright Copyright (C) 2011-2013 Shaun Maunder. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
// Make sure we're being called from the command line, not a web interface
(!array_key_exists('REQUEST_METHOD', $_SERVER)) or die;
define('_JEXEC', 1);
// Load system defines
if (file_exists(dirname(dirname(__FILE__)) . '/defines.php'))
{
require_once dirname(dirname(__FILE__)) . '/defines.php';
}
if (!defined('_JDEFINES'))
{
define('JPATH_BASE', dirname(dirname(__FILE__)));
require_once JPATH_BASE . '/includes/defines.php';
}
// Get the J! Framework and CMS libraries.
require_once JPATH_LIBRARIES . '/import.php';
require_once JPATH_LIBRARIES . '/cms.php';
// Load the configuration if one doesn't exist
(class_exists('JConfig')) or require_once JPATH_CONFIGURATION . '/configuration.php';
// Configure error reporting to maximum for CLI output.
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Load Library language
$lang = JFactory::getLanguage();
// Try the Shmanic LDAP file in the current language (without allowing the loading of the file in the default language)
$lang->load('files_cli_shmanic_ldap', JPATH_SITE, null, false, false)
// Fallback to the Shmanic LDAP file in the default language
|| $lang->load('files_cli_shmanic_ldap', JPATH_SITE, null, true);
// Get the Shmanic platform and Ldap libraries.
require_once JPATH_PLATFORM . '/shmanic/import.php';
shImport('ldap');
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3) or die('Unable to set LDAP protocol version');
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); // We need this for doing an LDAP search.
/**
* This script will fetch all the LDAP users in the specified
* base DN and synchronise them to the Joomla! database.
*
* @package Shmanic.CLI
* @since 2.0
*/
class LdapCron extends JApplicationCli
{
/**
* Entry point for the script.
*
* @return void
*
* @since 2.0
*/
public function doExecute()
{
// Setup some stats
$failed = 0;
$success = 0;
$errors = array();
// It appears we have to tell the system we are running with the site otherwise bad things happen
JFactory::getApplication('site');
$this->out(JText::_('CLI_SHMANIC_LDAP_INFO_13001'));
// Get all the valid configurations
if (!$configs = SHLdapHelper::getConfig())
{
// Failed to find any Ldap configs
$this->out(JText::_('CLI_SHMANIC_LDAP_ERR_13003'));
$this->close(1);
}
// Check if only a single config was found
if ($configs instanceof JRegistry)
{
/*
* To make things easier, we pretend we returned multiple Ldap configs
* by casting the single entry into an array.
*/
$configs = array($configs);
}
$count = count($configs);
$this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13002', $count))->out();
// Loop around each LDAP configuration
foreach ($configs as $config)
{
try
{
// Get a new Ldap object
$ldap = new SHLdap($config);
// Bind with the proxy user
if (!$ldap->authenticate(SHLdap::AUTH_PROXY))
{
// Something is wrong with this LDAP configuration - cannot bind to proxy user
$errors[] = new Exception(JText::sprintf('CLI_SHMANIC_LDAP_ERR_13011', $ldap->info), 13011);
unset($ldap);
continue;
}
// Get all the Ldap users in the directory
if (!$result = $ldap->search(null, $ldap->allUserFilter, array('dn', $ldap->keyUid)))
{
// Failed to search for all users in the directory
$errors[] = new Exception(JText::sprintf('CLI_SHMANIC_LDAP_ERR_13012', $ldap->getErrorMsg()), 13012);
unset($ldap);
continue;
}
// Loop around each Ldap user
for ($i = 0; $i < $result->countEntries(); ++$i)
{
// Get the Ldap username (case insensitive)
if (!$username = strtolower($result->getValue($i, $ldap->keyUid, 0)))
{
continue;
}
try
{
// Check if this user is in the blacklist
if ($blacklist = (array) json_decode(SHFactory::getConfig()->get('user.blacklist')))
{
if (in_array($username, $blacklist))
{
throw new RuntimeException(JText::_('CLI_SHMANIC_LDAP_ERR_13025'), 13025);
}
}
// Create the new user adapter
$adapter = new SHUserAdaptersLdap(array('username' => $username), $config);
// Get the Ldap DN
if (!$dn = $adapter->getId(false))
{
continue;
}
$this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13020', $username));
// Get the Ldap user attributes
$source = $adapter->getAttributes();
// Get the core mandatory J! user fields
$username = $adapter->getUid();
$fullname = $adapter->getFullname();
$email = $adapter->getEmail();
if (empty($fullname))
{
// Full name doesnt exist; use the username instead
$fullname = $username;
}
if (empty($email))
{
// Email doesnt exist; cannot proceed
throw new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13022'), 13022);
}
// Create the user array to enable creating a JUser object
$user = array(
'fullname' => $fullname,
'username' => $username,
'password_clear' => null,
'email' => $email
);
// Create a JUser object from the Ldap user
$options = array('adapter' => &$adapter);
$instance = SHUserHelper::getUser($user, $options);
if ($instance === false)
{
// Failed to get the user either due to save error or autoregister
throw new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13024'), 13024);
}
// Fire the Ldap specific on Sync feature
$sync = SHLdapHelper::triggerEvent('onLdapSync', array(&$instance, $options));
// Check if the synchronise was successfully and report
if ($sync !== false)
{
// Even if the sync does not need a save, do it anyway as Cron efficiency doesnt matter too much
SHUserHelper::save($instance);
// Above should throw an exception on error so therefore we can report success
$this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13029', $username));
++$success;
}
else
{
throw new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13026'), 13026);
}
unset($adapter);
}
catch (Exception $e)
{
unset($adapter);
++$failed;
$errors[] = new Exception(JText::sprintf('CLI_SHMANIC_LDAP_ERR_13028', $username, $e->getMessage()), $e->getCode());
}
}
}
catch (Exception $e)
{
$errors[] = new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13004'), 13004);
}
}
// Print out some results and stats
$this->out()->out()->out(JText::_('CLI_SHMANIC_LDAP_INFO_13032'))->out();
$this->out(JText::_('CLI_SHMANIC_LDAP_INFO_13038'));
foreach ($errors as $error)
{
if ($error instanceof Exception)
{
$this->out(' ' . $error->getCode() . ': ' . $error->getMessage());
}
else
{
$this->out(' ' . (string) $error);
}
}
$this->out()->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13034', $success));
$this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13036', $failed));
$this->out()->out('============================');
}
}
JApplicationCli::getInstance('LdapCron')->execute();