From 9d3002cabbae4fe3cba288f94aec70c025a2f65e Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Wed, 13 Mar 2019 09:05:52 +0100 Subject: [PATCH] Auth/LDAP: Fallback to 'commonName' if 'name' isn't available for full name , closes https://github.com/opnsense/core/pull/3322 --- src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php b/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php index 4374e3cf3..17738100d 100644 --- a/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php +++ b/src/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php @@ -383,12 +383,18 @@ class LDAP extends Base implements IAuthConnector // fetch distinguished name and most likely username (try the search field first) foreach (array($userNameAttribute, "name") as $ldapAttr) { if (isset($searchResults[$i][$ldapAttr]) && $searchResults[$i][$ldapAttr]['count'] > 0) { - $result[] = array( + $user = array( 'name' => $searchResults[$i][$ldapAttr][0], - 'fullname' => !empty($searchResults[$i]['name'][0]) ? - $searchResults[$i]['name'][0] : "", 'dn' => $searchResults[$i]['dn'] ); + if (!empty($searchResults[$i]['name'][0])) { + $user['fullname'] = $searchResults[$i]['name'][0]; + } elseif (!empty($searchResults[$i]['cn'][0])) { + $user['fullname'] = $searchResults[$i]['cn'][0]; + } else { + $user['fullname'] = ''; + } + $result[] = $user ; break; } }