Cadoles
/
nineskeletor
10
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
nineskeletor/src/Service/LdapService.php

842 lines
30 KiB
PHP
Raw Normal View History

first commit symfony 6
2022-07-21 16:15:47 +02:00
<?php
namespace App\Service;
use Symfony\Component\DependencyInjection\ContainerInterface;
use App\Entity\User;
use App\Entity\Niveau01;
use App\Entity\Niveau02;
use App\Entity\Group;
use App\Entity\UserGroup;
class LdapService
{
private $connection;
public function __construct(ContainerInterface $container)
{
$this->appMasteridentity = $container->getParameter("appMasteridentity");
$this->synchro = $container->getParameter("appSynchro");
$this->host = $container->getParameter("ldapHost");
$this->port = $container->getParameter("ldapPort");
$this->usetls = $container->getParameter("ldapUsetls");
$this->userwriter = $container->getParameter("ldapUserwriter");
$this->user = $container->getParameter("ldapUser");
$this->password = $container->getParameter("ldapPassword");
$this->basedn = $container->getParameter("ldapBasedn");
$this->baseorganisation = $container->getParameter("ldapBaseorganisation");
$this->baseniveau01 = $container->getParameter("ldapBaseniveau01");
$this->baseniveau02 = $container->getParameter("ldapBaseniveau02");
$this->basegroup = $container->getParameter("ldapBasegroup");
$this->baseuser = $container->getParameter("ldapBaseuser");
$this->username = $container->getParameter("ldapUsername");
$this->firstname = $container->getParameter("ldapFirstname");
$this->lastname = $container->getParameter("ldapLastname");
$this->email = $container->getParameter("ldapEmail");
$this->avatar = $container->getParameter("ldapAvatar");
$this->memberof = $container->getParameter("ldapMemberof");
$this->groupgid = $container->getParameter("ldapGroupgid");
$this->groupname = $container->getParameter("ldapGroupname");
$this->groupmember = $container->getParameter("ldapGroupmember");
$this->groupmemberisdn = $container->getParameter("ldapGroupmemberisdn");
$this->filtergroup = $container->getParameter("ldapFiltergroup");
$this->filteruser = $container->getParameter("ldapFilteruser");
$this->userattributes = [$this->username,$this->firstname,$this->lastname,$this->email,$this->avatar,$this->memberof];
}
public function isNine2Ldap() {
return ($this->connect()&&$this->appMasteridentity=="SQL"&&$this->synchro=="NINE2LDAP"&&$this->userwriter&&$this->baseorganisation&&$this->baseniveau01&&$this->baseniveau02&&$this->basegroup&&$this->baseuser);
}
public function connect() {
// Si on est déjà co = on rebind pour gérer le cas d'un timeout de connection
if($this->connection){
if(!@ldap_bind($this->connection, $this->user, $this->password)){
$this->disconnect();
}
}
if($this->connection){
return $this->connection;
} else {
$ldapConn = ldap_connect($this->host, $this->port);
if($ldapConn){
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if($this->usetls) ldap_start_tls($ldapConn);
if(@ldap_bind( $ldapConn, $this->user, $this->password)){
$this->connection = $ldapConn;
return $this->connection;
}
}
}
return false;
}
public function userconnect($username,$userpassword) {
$ldapConn = ldap_connect($this->host, $this->port);
$this->connection = $ldapConn;
if($this->connection){
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if($this->usetls) ldap_start_tls($ldapConn);
$dn = $this->getUserDN($username);
if(@ldap_bind( $ldapConn, $dn, $userpassword)){
$res = $this->search(str_replace("*",$username,$this->filteruser),$this->userattributes, $this->baseuser);
$this->disconnect();
return $res;
}
}
$this->disconnect();
return false;
}
public function getParameter($key) {
switch($key) {
case "baseuser" : return $this->baseuser; break;
case "basegroup" : return $this->basegroup; break;
case "baseniveau01" : return $this->baseniveau01; break;
case "baseniveau02" : return $this->baseniveau02; break;
case "basedn" : return $this->basedn; break;
case "filteruser" : return $this->filteruser; break;
}
}
public function search($filter, $attributes = array(), $subBranch = '') {
$connection = $this->connect();
$branch = ($subBranch ? $subBranch : $this->basedn);
$result = ldap_search($connection, $branch, $filter, $attributes,0,0,0);
if(!$result) {
$this->ldapError();
}
return $this->resultToArray($result);
}
public function searchdn($dn, $subBranch = '') {
$connection = $this->connect();
$tbdn=ldap_explode_dn($dn,0);
$branch = ($subBranch ? $subBranch : $this->basedn);
$result = ldap_search($connection, $branch, "(".$tbdn[0].")", [],0,0,0);
if(!$result) {
$this->ldapError();
}
return $this->resultToArray($result);
}
public function deleteByDN($dn){
$connection = $this->connect();
$removed = ldap_delete($connection, $dn);
if(!$removed){
$this->ldapError();
}
}
public function rename($oldDN, $newDN, $parentDN = '', $deleteOldDN = true){
$connection = $this->connect();
$result = ldap_rename($connection, $oldDN, $newDN, $parentDN, $deleteOldDN);
if(!$result) $this->ldapError();
return $result;
}
private function resultToArray($result){
$connection = $this->connect();
$resultArray = array();
if($result){
$entry = ldap_first_entry($connection, $result);
while ($entry){
$row = array();
$attr = ldap_first_attribute($connection, $entry);
while ($attr){
$val = ldap_get_values_len($connection, $entry, $attr);
if(array_key_exists('count', $val) AND $val['count'] == 1){
$row[strtolower($attr)] = $val[0];
} else {
$row[strtolower($attr)] = $val;
}
if(is_array($row[strtolower($attr)])) {
unset($row[strtolower($attr)]["count"]);
}
$attr = ldap_next_attribute($connection, $entry);
}
$resultArray[] = $row;
$entry = ldap_next_entry($connection, $entry);
}
}
return $resultArray;
}
public function in_array_r($item , $array){
return preg_match('/"'.$item.'"/i' , json_encode($array));
}
public function disconnect(){
if($this->connection) {
ldap_unbind($this->connection);
$this->connection=null;
}
}
public function ldapError(){
$connection = $this->connect();
throw new \Exception(
'Error: ('. ldap_errno($connection) .') '. ldap_error($connection)
);
}
public function ldapModify($dn,$attrs) {
$connection = $this->connect();
$result = ldap_modify($connection, $dn, $attrs);
if(!$result) $this->ldapError();
}
//==================================================================================================================================================================
//== Function Organisation==========================================================================================================================================
//==================================================================================================================================================================
public function addOrganisations() {
$ldapentrys=$this->searchdn($this->baseorganisation);
if(empty($ldapentrys)) {
$this->addOrganisation($this->basedn);
}
$ldapentrys=$this->searchdn($this->baseniveau01,$this->baseorganisation);
if(empty($ldapentrys)) {
$this->addOrganisation($this->baseniveau01);
}
$ldapentrys=$this->searchdn($this->baseniveau02,$this->baseorganisation);
if(empty($ldapentrys)) {
$this->addOrganisation($this->baseniveau02);
}
$ldapentrys=$this->searchdn($this->basegroup,$this->baseorganisation);
if(empty($ldapentrys)) {
$this->addOrganisation($this->basegroup);
}
$ldapentrys=$this->searchdn($this->baseuser,$this->baseorganisation);
if(empty($ldapentrys)) {
$this->addOrganisation($this->baseuser);
}
}
public function addOrganisation($dn) {
$connection = $this->connect();
$attrs = array();
$attrs['objectclass'] = ["top","organizationalUnit"];
$result = ldap_add($connection, $dn, $attrs);
if(!$result) $this->ldapError();
return $result;
}
//==================================================================================================================================================================
//== Function User==================================================================================================================================================
//==================================================================================================================================================================
public function addUser(User $user) {
$connection = $this->connect();
$dn = $this->getUserDN($user->getUsername());
$attrs = array();
$attrs['objectclass'] = $this->getObjectClassesUser();
$this->fillAttributesUser($user, $attrs);
foreach($attrs as $key => $value){
if(empty($value)){
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if(!$result) $this->ldapError();
return $result;
}
public function ismodifyUser(User $user,$entry){
$attrs = [];
$this->fillAttributesUser($user, $attrs);
foreach($attrs as $key => $value) {
if(!array_key_exists($key,$entry)&&!empty($value)) return true;
elseif(array_key_exists($key,$entry)&&$value!=$entry[$key]) return true;
}
foreach($entry as $key => $value) {
if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key]) return true;
}
return false;
}
public function modifyUser(User $user){
$dn = $this->basedn;
$connection = $this->connect();
$attrs = array();
$this->fillAttributesUser($user, $attrs);
// Rechercher le DN du user
$dn = $this->getUserDN($user->getUsername());
foreach($attrs as $key => $value){
if(empty($value)){
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, array($key => array()));
unset($attrs[$key]);
}
}
$result = ldap_modify($connection, $dn, $attrs);
if(!$result) $this->ldapError();
}
public function modifyUserpwd(User $user){
$dn = $this->basedn;
$connection = $this->connect();
$attrs = array();
// Attributs associés au password
if($this->type=="AD")
$attrs["unicodepwd"] = $user->getPasswordad();
$attrs['userpassword'] = $user->getPassword();
// Rechercher le DN du user
$dn = $this->getUserDN($user->getUsername());
foreach($attrs as $key => $value){
if(empty($value)){
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, array($key => array()));
unset($attrs[$key]);
}
}
$result = ldap_modify($connection, $dn, $attrs);
if(!$result) $this->ldapError();
}
public function updateNiveauUser(User $user,$todel=false) {
$dn = $this->basedn;
$connection = $this->connect();
// NIVEAU01
// On recherche le Niveau01 actuellement asscocié à l'utilisateur
$criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
$subbranch=$this->baseniveau01;
$results = $this->search($criteria, array('cn'), $subbranch);
foreach($results as $result) {
// Si Niveau01 différent de celui en cours on le détache de ce Niveau01
if($result["cn"]!=$user->getNiveau01()->getLabel()||$todel) {
$dn = $this->getNiveau01DN($result["cn"]);
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if(!$result) $this->ldapError();
}
}
// On recherche le Niveau01 en cours
if(!$todel) {
$criteria = '(cn='.$user->getNiveau01()->getLabel().')';
$subbranch=$this->baseniveau01;
$result = $this->search($criteria, array('memberuid'), $subbranch);
// S'il n'est pas membre du Niveau01 on le rattache
if(!$this->in_array_r($user->getUsername(),$result[0])) {
$dn = $this->getNiveau01DN($user->getNiveau01()->getLabel());
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if(!$result) $this->ldapError();
}
}
// NIVEAU02
// On recherche le Niveau02 actuellement asscocié à l'utilisateur
$criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
$subbranch=$this->baseniveau02;
$results = $this->search($criteria, array('cn'), $subbranch);
foreach($results as $result) {
// Si Niveau02 différent de celui en cours on le détache de ce Niveau02
if($user->getNiveau02()===null||$result["cn"]!=$user->getNiveau02()->getLabel()||$todel) {
$dn = $this->getNiveau02DN($result["cn"]);
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if(!$result) $this->ldapError();
}
}
// On recherche le Niveau02 en cours
if(!$todel) {
if($user->getNiveau02()!==null) {
$criteria = '(cn='.$user->getNiveau02()->getLabel().')';
$subbranch=$this->baseniveau02;
$result = $this->search($criteria, array('memberuid'), $subbranch);
// S'il n'est pas membre du Niveau02 on le rattache
if(empty($result)||!$this->in_array_r($user->getUsername(),$result[0])) {
$dn = $this->getNiveau02DN($user->getNiveau02()->getLabel());
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if(!$result) $this->ldapError();
}
}
}
return $result;
}
public function deleteUser(User $user){
$dn = $this->getUserDN($user->getUsername());
return $this->deleteByDN($dn);
}
public function getObjectClassesUser() {
$oc = array(
'top',
'person',
'organizationalPerson',
'inetOrgPerson',
);
return $oc;
}
public function listAttributesUser() {
return [
"uid",
"cn",
"givenname",
"sn",
"mail",
"displayname",
"telephonenumber",
"postaladdress",
"userpassword",
];
}
public function fillAttributesUser(User $user, array &$attrs) {
$attrs['uid'] = $user->getUsername();
$attrs['cn'] = $user->getFirstname() . ' ' . $user->getLastname();
$attrs['givenname'] = $user->getFirstname();
$attrs['sn'] = $user->getLastname();
$attrs['mail'] = $user->getEmail();
$attrs['displayname'] = $user->getFirstname() . ' ' . $user->getLastname();
$attrs['telephonenumber'] = $user->getTelephonenumber();
$attrs['postaladdress'] = $user->getPostaladress();
$attrs['userpassword'] = $user->getPassword();
}
public function getUserDN($username) {
return $this->username.'='.$username.','.$this->baseuser;
}
//==================================================================================================================================================================
//== Function Niveau01==============================================================================================================================================
//==================================================================================================================================================================
public function findNiveau01($ldapfilter) {
$ldapentrys=$this->search($ldapfilter,[$this->groupgid,$this->groupname,$this->groupmember],$this->baseniveau01);
return $ldapentrys;
}
public function findNiveau01ismember($ldapfilter,$username) {
$ldapentrys=$this->findNiveau01($ldapfilter);
foreach($ldapentrys as $ldapentry) {
if(is_array($ldapentry[$this->groupmember])) {
if(in_array($username,$ldapentry[$this->groupmember])) return true;
}
elseif($username==$ldapentry[$this->groupmember]) return true;
}
return false;
}
public function addNiveau01(Niveau01 $niveau01) {
$connection = $this->connect();
$dn = $this->getNiveau01DN($niveau01->getLabel());
$attrs = array();
$attrs['objectclass'] = $this->getObjectClassesNiveau01();
$this->fillAttributesNiveau01($niveau01, $attrs);
foreach($attrs as $key => $value){
if(empty($value)){
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if(!$result) $this->ldapError();
return $result;
}
public function ismodifyNiveau01(Niveau01 $niveau01,$entry){
$attrs = [];
$this->fillAttributesNiveau01($niveau01, $attrs);
foreach($attrs as $key => $value) {
if(!array_key_exists($key,$entry)&&!empty($value)) return true;
elseif(array_key_exists($key,$entry)&&$value!=$entry[$key]) return true;
}
foreach($entry as $key => $value) {
if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key]) return true;
}
return false;
}
public function modifyNiveau01(Niveau01 $niveau01,$oldid){
$dn = $this->basedn;
$connection = $this->connect();
$attrs = array();
$this->fillAttributesNiveau01($niveau01, $attrs);
unset($attrs["cn"]);
$dn = $this->getNiveau01DN($niveau01->getLabel());
foreach($attrs as $key => $value){
if(empty($value)){
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, array($key => array()));
unset($attrs[$key]);
}
}
if(isset($oldid)&&$oldid!=$niveau01->getLabel()) {
$olddn = $this->getNiveau01DN($oldid);
$this->rename($olddn,"cn=".$niveau01->getLabel(),$this->baseniveau01);
}
$result = ldap_modify($connection, $dn, $attrs);
if(!$result) $this->ldapError();
}
public function deleteNiveau01(Niveau01 $niveau01){
$dn = $this->getNiveau01DN($niveau01->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesNiveau01() {
$oc = array(
'top',
'posixGroup',
);
return $oc;
}
public function listAttributesNiveau01() {
return [
"cn",
"gidnumber",
"memberuid",
];
}
public function fillAttributesNiveau01(Niveau01 $niveau01, array &$attrs) {
$attrs['cn'] = $niveau01->getLabel();
$attrs['gidnumber'] = $niveau01->getId();
$attrs['memberuid'] = [];
foreach($niveau01->getUsers() as $user) {
array_push($attrs['memberuid'],$user->getUsername());
}
sort($attrs['memberuid']);
if(count($attrs['memberuid'])==1) $attrs['memberuid'] = $attrs['memberuid'][0];
}
public function getNiveau01DN($id) {
return 'cn='.$id.','.$this->baseniveau01;
}
//==================================================================================================================================================================
//== Function Niveau02==============================================================================================================================================
//==================================================================================================================================================================
public function addNiveau02(Niveau02 $niveau02) {
$connection = $this->connect();
$dn = $this->getNiveau02DN($niveau02->getLabel());
$attrs = array();
$attrs['objectclass'] = $this->getObjectClassesNiveau02();
$this->fillAttributesNiveau02($niveau02, $attrs);
foreach($attrs as $key => $value){
if(empty($value)){
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if(!$result) $this->ldapError();
return $result;
}
public function ismodifyNiveau02(Niveau02 $niveau02,$entry){
$attrs = [];
$this->fillAttributesNiveau02($niveau02, $attrs);
foreach($attrs as $key => $value) {
if(!array_key_exists($key,$entry)&&!empty($value)) return true;
elseif(array_key_exists($key,$entry)&&$value!=$entry[$key]) return true;
}
foreach($entry as $key => $value) {
if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key]) return true;
}
return false;
}
public function modifyNiveau02(Niveau02 $niveau02,$oldid){
$dn = $this->basedn;
$connection = $this->connect();
$attrs = array();
$this->fillAttributesNiveau02($niveau02, $attrs);
unset($attrs["cn"]);
$dn = $this->getNiveau02DN($niveau02->getLabel());
foreach($attrs as $key => $value){
if(empty($value)){
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, array($key => array()));
unset($attrs[$key]);
}
}
if(isset($oldid)&&$oldid!=$niveau02->getLabel()) {
$olddn = $this->getNiveau02DN($oldid);
$this->rename($olddn,"cn=".$niveau02->getLabel(),$this->baseniveau02);
}
$result = ldap_modify($connection, $dn, $attrs);
if(!$result) $this->ldapError();
}
public function deleteNiveau02(Niveau02 $niveau02){
$dn = $this->getNiveau02DN($niveau02->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesNiveau02() {
$oc = array(
'top',
'posixGroup',
);
return $oc;
}
public function listAttributesNiveau02() {
return [
"cn",
"gidnumber",
"memberuid"
];
}
public function fillAttributesNiveau02(Niveau02 $niveau02, array &$attrs) {
$attrs['cn'] = $niveau02->getLabel();
$attrs['gidnumber'] = $niveau02->getId();
$attrs['memberuid'] = [];
foreach($niveau02->getUsers() as $user) {
array_push($attrs['memberuid'],$user->getUsername());
}
sort($attrs['memberuid']);
if(count($attrs['memberuid'])==1) $attrs['memberuid'] = $attrs['memberuid'][0];
}
public function getNiveau02DN($id) {
return 'cn='.$id.','.$this->baseniveau02;
}
//==================================================================================================================================================================
//== Function Group=================================================================================================================================================
//==================================================================================================================================================================
public function addGroup(Group $group) {
$connection = $this->connect();
$dn = $this->getGroupDN($group->getLabel());
$attrs = array();
$attrs['objectclass'] = $this->getObjectClassesGroup();
$this->fillAttributesGroup($group, $attrs);
foreach($attrs as $key => $value){
if(empty($value)){
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if(!$result) $this->ldapError();
return $result;
}
public function ismodifyGroup(Group $group,$entry){
$attrs = [];
$this->fillAttributesGroup($group, $attrs);
foreach($attrs as $key => $value) {
if(!array_key_exists($key,$entry)&&!empty($value)) return true;
elseif(array_key_exists($key,$entry)&&$value!=$entry[$key]) return true;
}
foreach($entry as $key => $value) {
if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key]) return true;
}
return false;
}
public function modifyGroup(Group $group,$oldid){
$dn = $this->basedn;
$connection = $this->connect();
$attrs = array();
$this->fillAttributesGroup($group, $attrs);
unset($attrs["cn"]);
$dn = $this->getGroupDN($group->getLabel());
foreach($attrs as $key => $value){
if(empty($value)){
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, array($key => array()));
unset($attrs[$key]);
}
}
if(isset($oldid)&&$oldid!=$group->getLabel()) {
$olddn = $this->getGroupDN($oldid);
$this->rename($olddn,"cn=".$group->getLabel(),$this->basegroup);
}
$result = ldap_modify($connection, $dn, $attrs);
if(!$result) $this->ldapError();
}
public function deleteGroup(Group $group){
$dn = $this->getGroupDN($group->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesGroup() {
$oc = array(
'top',
'posixGroup',
);
return $oc;
}
public function listAttributesGroup() {
return [
"cn",
"gidnumber",
"memberuid"
];
}
public function fillAttributesGroup(Group $group, array &$attrs) {
$attrs['cn'] = $group->getLabel();
$attrs['gidnumber'] = $group->getId();
$attrs['memberuid'] = [];
foreach($group->getUsers() as $usergroup) {
array_push($attrs['memberuid'],$usergroup->getUser()->getUsername());
}
sort($attrs['memberuid']);
if(count($attrs['memberuid'])==1) $attrs['memberuid'] = $attrs['memberuid'][0];
}
public function getGroupDN($id) {
return 'cn='.$id.','.$this->basegroup;
}
//==================================================================================================================================================================
//== Function UserGroup=============================================================================================================================================
//==================================================================================================================================================================
function addUserGroup(UserGroup $usergroup) {
$dn = $this->basedn;
$connection = $this->connect();
// On recherche le group en cours
$criteria = '(cn='.$usergroup->getGroup()->getLabel().')';
$subbranch=$this->basegroup;
$result = $this->search($criteria, array('memberuid'), $subbranch);
if(!$this->in_array_r($usergroup->getUser()->getUsername(),$result[0])) {
$dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
$entry['memberuid'] = $usergroup->getUser()->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if(!$result) $this->ldapError();
}
return $result;
}
function delUserGroup(UserGroup $usergroup) {
$dn = $this->basedn;
$connection = $this->connect();
// On recherche le group en cours
$criteria = '(cn='.$usergroup->getGroup()->getLabel().')';
$subbranch=$this->basegroup;
$result = $this->search($criteria, array('memberuid'), $subbranch);
if($this->in_array_r($usergroup->getUser()->getUsername(),$result[0])) {
$dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
$entry['memberuid'] = $usergroup->getUser()->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if(!$result) $this->ldapError();
}
return $result;
}
}