Skip to content

ldap: Fix autodiscovery for Active Directory #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: develop
Choose a base branch
from
Open

ldap: Fix autodiscovery for Active Directory #86

wants to merge 6 commits into from

Conversation

greezybacon
Copy link
Contributor

There are a couple problems with the current autodiscover protocol in the plugin:

  • Net_DNS2 does not support auto-discovery of DNS servers on Windows platforms, and so cannot lookup the LDAP servers
  • The configuration pre_save does not properly handle empty DNS server listing, and so offers incorrect negative feedback when leaving the LDAP servers box and DNS servers boxes blank
  • Multi-site Active Directory deployments may have servers that are far away from the osTicket server. Windows rates all servers with the same weight and priority. Therefore, osTicket will likely select a poor server from the list to bind to and search

This patch adds support for automatically discovering the closest domain controller (LDAP server) by asynchronously connecting to all domain controllers advertised in DNS, sorted by priority and weight, in parallel and using the first server to respond.

The protocol is described by Microsoft at
https://technet.microsoft.com/en-us/library/cc978016.aspx

ldap: Fix autodiscovery for Active Directory
39d1cb2 
This patch adds support for automatically discovering the closest domain
controller (LDAP server) by asynchronously connecting to all domain
controllers advertised in DNS, sorted by priority and weight, in parallel
and using the first server to respond.

The protocol is described by Microsoft at
https://technet.microsoft.com/en-us/library/cc978016.aspx
@greezybacon greezybacon force-pushed the issue/ldap-auto-discovery-v2 branch from 72a39e8 to 39d1cb2 Compare September 30, 2015 16:21
greezybacon
greezybacon reviewed Oct 1, 2015
View reviewed changes
auth-ldap/authentication.php Outdated
$sockets = array();
reset($servers);
$closest = null;
$loops = 60; # 6 seconds max
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, with 2ms loop timing, this is 120ms (which is probably a long enough delay)

greezybacon
greezybacon reviewed Oct 14, 2015
View reviewed changes
auth-ldap/authentication.php Outdated
if (!in_array($error, array(SOCKET_EINPROGRESS, SOCKET_EALREADY))) {
// Bad mojo
socket_close($sk);
unset($sockets,$i);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

unset($sockets[$i]);

@Neustradamus
Copy link

@greezybacon: What is the status of this feature/pr several years after?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@greezybacon @Neustradamus