by Nadirshah Ferozepurwalla.
Further sumerized details to this post
Thanks everyone for your reply in different post, yes it would be easy if I had the option of syncing all the users with Moodle but. The scenario is as follows.
Details
User type: MS Active Directory
Contexts: dc=(organization),dc=edu
User attribute: samaccountname
Object class: (&(objectclass=user)(!(objectclass=computer)))
- 10K or more users since LDAP came into existence.
- No users deleted, Users only Disabled.
- Cannot allow syncing of all active users to moodle Database, for which i am altering the code in LDAP where it forms a Temp table, such that it only sends present moodle users data to the temp table.
- yes there is LDAP advance sync plugin available but its only for moodle3.2 and higher. I have moodle2.9
- So now when the sync script runs, it should suspend those users in moodle which are disabled in LDAP, because the temp table mdl_tmp_extuser will only have records of users who are already present in moodle
My question here is this code alteration correct, Will it work, Is the mysql correctly scripted?
file: auth\ldap\auth.php
if ($entry = @ldap_first_entry($ldapconnection, $ldap_result)) {
do {
$value = ldap_get_values_len($ldapconnection, $entry, $this->config->user_attribute);
$value = core_text::convert($value[0], $this->config->ldapencoding, 'utf-8');
$value = trim($value);
//here addition starts
try {
$username_n = core_text::strtolower($value); // usernames are __always__ lowercase. $sql_n = "SELECT u.* FROM {user} u WHERE u.username = '".$username_n."'";
$found_user = $DB->get_records_sql($sql_n, array('auth'=>$this->authtype));
}
catch (Exception $e) {
echo "!Echo1!!! Could not add user. Exception details: ".print_r($e, true);
echo "\n!!!! Stopping so you can fix the problematic user...\n\n\n";
die();
}
if (!empty($found_user))
{
$this->ldap_bulk_insert($value);
}
unset($found_user);
//here addition ends
} while ($entry = ldap_next_entry($ldapconnection, $entry));
}