[openemr.git] / library / adldap / adLDAP_sync.php
1 <?php
2 /*
3 * Synchronize users with the Active Directory
4 * - read user names and info from Active Directory
5 * - update the Users table in OpenEMR
6 * - handles deleted usernames
7 * - handles new usernames
9 * 12 Dec 2007 - Jason Morrill
12 require_once("adLDAP.php");
13 require_once("adLDAP_conf.inc");
14 require_once("../sql.inc");
16 /*====================================================
17 Usernames to ignore when querying Active Directory
18 ** CHANGE THIS ** to accommodate your AD userbase
19 *====================================================*/
// Usernames the sync loop skips when it walks the Active Directory user list:
// they are neither added to nor updated in the OpenEMR users table.
$excludedUsers = array(
    "Administrator",
    "SQLServer",
    "SQLDebugger",
    "TsInternetUser",
    "someotheruser",
);
26 /*====================================================
27 * No changes below here should be necessary
28 *===================================================*/
// Attribute names requested from Active Directory for every user
// (passed as the second argument to $adldap->user_info()).
$ldapAttributes = array(
    "givenname",
    "sn",
    "displayname",
    "physicaldeliveryofficename",
    "homephone",
    "telephonenumber",
    "mobile",
    "pager",
    "facsimiletelephonenumber",
    "mail",
    "title",
    "department",
    "streetaddress",
    "postofficebox",
    "l",
    "st",
    "postalcode",
);
// Active Directory attribute => column of the OpenEMR users table.
// The values are written into SQL as column names by AddUser() and
// UpdateUser(), so they must stay fixed, trusted identifiers.
// Attributes left commented out are fetched but not stored.
$attributeMapping = array(
    "givenname" => "fname",
    "sn" => "lname",
    // "displayname" => "",
    // "physicaldeliveryofficename" => "",
    // "homephone" => "",
    "telephonenumber" => "phonew1",
    "mobile" => "phonecell",
    // "pager" => "",
    "facsimiletelephonenumber" => "fax",
    "mail" => "email",
    "title" => "specialty",
    // "department" => "",
    "streetaddress" => "street",
    "postofficebox" => "streetb",
    "l" => "city",
    "st" => "state",
    "postalcode" => "zip",
);
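// Main sync flow: add or update every Active Directory user in OpenEMR, then
// deactivate OpenEMR users that Active Directory no longer lists.
//
// NOTE(review): nothing visible in this script checks who is running it, and
// it creates, rewrites and deactivates accounts. Confirm it can only be run
// from the command line / scheduler, or that web access to it is blocked.

// create new instance and connect to AD with user & pass
// defined in adLDAP_conf.inc
$adldap = new adLDAP($adldap_options);

// gather all our known usernames from OpenEMR
// they will be used to compare what is found in Active Directory
$oemrUsers = array();
$sqlH = sqlStatement("select id, username from users");
while ($onerow = sqlFetchArray($sqlH)) {
    $oemrUsers[] = $onerow;
}

$adUsers = $adldap->all_users();

// Stop before changing anything when the directory gave no usable list.
// Without this guard a failed bind or an empty search result would fall
// through to the deactivation pass below and disable every OpenEMR account.
if (!is_array($adUsers) || count($adUsers) == 0) {
    echo "No users returned from Active Directory, nothing changed\n";
    exit(1);
}

// Normalise to strings once so the comparisons below can be strict; loose ==
// treats numeric-looking names such as "0123" and "123" as the same account.
$adUsers = array_map('strval', $adUsers);

foreach ($adUsers as $adUser) {
    // skip the excluded usernames
    if (in_array($adUser, $excludedUsers, true)) {
        continue;
    }

    // query LDAP for the full user info
    $userInfo = $adldap->user_info($adUser, $ldapAttributes);

    // Without an entry to read from, an update would overwrite every mapped
    // column of an existing user with empty strings, so leave the row alone.
    if (!is_array($userInfo) || !isset($userInfo[0])) {
        echo "Skipping $adUser, no directory info returned\n";
        continue;
    }

    if (NewUser($adUser, $oemrUsers)) {
        // add new user
        echo "Adding user $adUser";
        echo AddUser($adUser, $userInfo) ? ", OK\n" : ", FAILED\n";
    } else {
        // update existing users with Active Directory info
        echo "existing user $adUser";
        echo UpdateUser($adUser, $userInfo) ? ", OK\n" : ", FAILED\n";
    }
}

// re-query in case we have updated a username in the previous loop
$oemrUsers = array();
$sqlH = sqlStatement("select id, username from users");
while ($onerow = sqlFetchArray($sqlH)) {
    $oemrUsers[] = $onerow;
}

// for all the usernames in OpenEMR and NOT IN Active Directory
// de-activate them in OpenEMR
// NOTE(review): this also disables accounts that only ever existed locally in
// OpenEMR; $excludedUsers does not protect them. Confirm that is intended.
foreach ($oemrUsers as $user) {
    if (in_array((string)$user['username'], $adUsers, true)) {
        continue;
    }

    // The id is cast to int so only a number can reach the statement.
    $sqlstmt = "update users set active=0 where id=" . (int)$user['id'];
    if (sqlStatement($sqlstmt)) {
        echo "Deactivated ".$user['username']." from OpenEMR\n";
    } else {
        echo "Failed to deactivate ".$user['username']." from OpenEMR\n";
    }
}

exit;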
122 /*=====================================
123 Add a user to the OpenEMR database
124 =====================================*/
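/**
 * Insert one Active Directory user into the OpenEMR users table and add the
 * new account to the 'Default' group.
 *
 * @param string $adUsername account name as returned by Active Directory
 * @param array  $adLDAPinfo result of adLDAP::user_info(); values are read
 *                           from $adLDAPinfo[0][<attribute>][0]
 * @return bool true when both inserts succeeded, false otherwise
 */
function AddUser($adUsername, $adLDAPinfo) {
    global $attributeMapping;

    // Sorting fixes the order of the column list and the value list below.
    ksort($attributeMapping);

    // The username comes from the directory just like the attributes, so it
    // gets the same escaping; previously it was placed in the SQL string raw.
    // NOTE(review): addslashes() is not character-set aware. If sqlStatement()
    // in this tree accepts bound parameters, prefer them -- TODO confirm
    // against sql.inc.
    $safeUsername = addslashes($adUsername);

    $columns = "id, username";
    $values = "null, '" . $safeUsername . "'";
    foreach ($attributeMapping as $adAttribute => $column) {
        // An attribute that is not set on the AD entry is stored as ''.
        $raw = isset($adLDAPinfo[0][$adAttribute][0]) ? $adLDAPinfo[0][$adAttribute][0] : '';
        $columns .= ", " . $column;
        $values .= ", '" . addslashes($raw) . "'";
    }

    $sqlstmt = "insert into users (" . $columns . ") values (" . $values . ")";
    if (sqlStatement($sqlstmt) == false) {
        return false;
    }

    // add the user to the default group
    $sqlstmt = "insert into groups (name, user ) values ('Default', '" . $safeUsername . "')";
    if (sqlStatement($sqlstmt) == false) {
        return false;
    }

    return true;
}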
153 /*=====================================
154 Update an existing user in the OpenEMR database
155 =====================================*/
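/**
 * Overwrite the mapped columns of an existing OpenEMR user with the values
 * currently held in Active Directory.
 *
 * @param string $adUsername account name; selects the row by users.username
 * @param array  $adLDAPinfo result of adLDAP::user_info(); values are read
 *                           from $adLDAPinfo[0][<attribute>][0]
 * @return mixed whatever sqlStatement() returns for the update
 */
function UpdateUser($adUsername, $adLDAPinfo) {
    global $attributeMapping;
    ksort($attributeMapping);

    $assignments = array();
    foreach ($attributeMapping as $adAttribute => $column) {
        // An attribute that is not set on the AD entry is written as ''.
        $raw = isset($adLDAPinfo[0][$adAttribute][0]) ? $adLDAPinfo[0][$adAttribute][0] : '';
        $assignments[] = $column . "='" . addslashes($raw) . "'";
    }

    // The username in the WHERE clause is escaped like the attribute values;
    // previously it was placed in the SQL string raw.
    // NOTE(review): addslashes() is not character-set aware. If sqlStatement()
    // in this tree accepts bound parameters, prefer them -- TODO confirm
    // against sql.inc.
    $sqlstmt = "update users set " . implode(", ", $assignments)
        . " where username = '" . addslashes($adUsername) . "'";

    return sqlStatement($sqlstmt);
}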
172 /*=====================================
173 Determine if the supplied username
174 exists in the OpenEMR Users table
175 =====================================*/
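/**
 * Report whether a username is absent from the list of OpenEMR users.
 *
 * @param string $username  name to look for
 * @param array  $oemrUsers rows with a 'username' key, as read from the users table
 * @return bool true when no row carries that username, false when one does
 */
function NewUser($username, $oemrUsers) {
    $wanted = (string)$username;
    foreach ($oemrUsers as $user) {
        // Strict string comparison: loose == compares numeric-looking names as
        // numbers, so "0123" and "123" would count as the same account.
        // NOTE(review): this match is case-sensitive; whether the users table
        // and the directory treat case the same way is not visible here.
        if ((string)$user['username'] === $wanted) {
            return false;
        }
    }
    return true;
}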