From 03fbd72d66edc1324e772c412204d70285c9d300 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Sun, 21 Jun 2020 19:52:15 +0200
Subject: [PATCH 1/3] FIX For better compatibility with Samba4 AD

---
 htdocs/core/class/ldap.class.php | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php
index b22473ec483..4434bd7be89 100644
--- a/htdocs/core/class/ldap.class.php
+++ b/htdocs/core/class/ldap.class.php
@@ -55,6 +55,10 @@ class Ldap
 	/**
 	 * Version du protocole ldap
 	 */
+    public $ldapProtocolVersion;
+    /**
+     * Server DN
+     */
     public $domain;
 	/**
 	 * User administrateur Ldap
@@ -466,8 +470,6 @@ class Ldap
 	 */
     public function modify($dn, $info, $user)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::modify dn=".$dn." info=".join(',', $info));
 
 		// Check parameters
@@ -492,6 +494,10 @@ class Ldap
 		$this->dump($dn, $info);
 
 		//print_r($info);
+		// For better compatibility with Samba4 AD
+		if ($this->serverType == "activedirectory") {
+			unset($info['cn']); // For avoid error : Operation not allowed on RDN (Code 67)
+		}
 		$result=@ldap_modify($this->connection, $dn, $info);
 
 		if ($result)
@@ -520,8 +526,6 @@ class Ldap
 	 */
     public function rename($dn, $newrdn, $newparent, $user, $deleteoldrdn = true)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::modify dn=".$dn." newrdn=".$newrdn." newparent=".$newparent." deleteoldrdn=".($deleteoldrdn?1:0));
 
 		// Check parameters
@@ -571,8 +575,6 @@ class Ldap
 	 */
     public function update($dn, $info, $user, $olddn, $newrdn = false, $newparent = false)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::update dn=".$dn." olddn=".$olddn);
 
 		// Check parameters
@@ -589,7 +591,7 @@ class Ldap
 
 		if (! $olddn || $olddn != $dn)
 		{
-			if (! empty($olddn) && ! empty($newrdn) && ! empty($newparent) && $conf->global->LDAP_SERVER_PROTOCOLVERSION === '3')
+			if (! empty($olddn) && ! empty($newrdn) && ! empty($newparent) && $this->ldapProtocolVersion === '3')
 			{
 				// This function currently only works with LDAPv3
 				$result = $this->rename($olddn, $newrdn, $newparent, $user, true);
@@ -631,8 +633,6 @@ class Ldap
 	 */
     public function delete($dn)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::delete Delete LDAP entry dn=".$dn);
 
 		// Check parameters

From 9a4f5e3d9a2b319027e86630ecc90028da38ae6e Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Sun, 21 Jun 2020 21:10:51 +0200
Subject: [PATCH 2/3] FIX We force "modify" for avoid some field not modify

---
 htdocs/core/class/ldap.class.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php
index 4434bd7be89..dfcb4690a7f 100644
--- a/htdocs/core/class/ldap.class.php
+++ b/htdocs/core/class/ldap.class.php
@@ -595,6 +595,7 @@ class Ldap
 			{
 				// This function currently only works with LDAPv3
 				$result = $this->rename($olddn, $newrdn, $newparent, $user, true);
+				$result = $this->modify($dn, $info, $user);	// We force "modify" for avoid some fields not modify
 			}
 			else
 			{

From 32844a8d0c587e6c429c6200631b6b97dfae2c89 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@inodbox.com>
Date: Mon, 22 Jun 2020 09:26:42 +0200
Subject: [PATCH 3/3] FIX clean code

---
 htdocs/core/class/ldap.class.php | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php
index dfcb4690a7f..213f644029e 100644
--- a/htdocs/core/class/ldap.class.php
+++ b/htdocs/core/class/ldap.class.php
@@ -164,7 +164,7 @@ class Ldap
     public function connect_bind()
 	{
         // phpcs:enable
-		global $langs, $conf;
+		global $conf;
 
 		$connected=0;
 		$this->bind=0;
@@ -187,7 +187,7 @@ class Ldap
 		if (empty($this->error))
 		{
 			// Loop on each ldap server
-			foreach ($this->server as $key => $host)
+			foreach ($this->server as $host)
 			{
 				if ($connected) break;
 				if (empty($host)) continue;
@@ -416,8 +416,6 @@ class Ldap
 	 */
     public function add($dn, $info, $user)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::add dn=".$dn." info=".join(',', $info));
 
 		// Check parameters
@@ -692,7 +690,7 @@ class Ldap
 			}
 			else
 			{
-				foreach($value as $valuekey => $valuevalue)
+				foreach($value as $valuevalue)
 				{
 					$content.="$key: $valuevalue\n";
 				}
@@ -774,8 +772,6 @@ class Ldap
 	 */
     public function addAttribute($dn, $info, $user)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::addAttribute dn=".$dn." info=".join(',', $info));
 
 		// Check parameters
@@ -826,8 +822,6 @@ class Ldap
 	 */
     public function updateAttribute($dn, $info, $user)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::updateAttribute dn=".$dn." info=".join(',', $info));
 
 		// Check parameters
@@ -878,8 +872,6 @@ class Ldap
 	 */
     public function deleteAttribute($dn, $info, $user)
 	{
-		global $conf;
-
 		dol_syslog(get_class($this)."::deleteAttribute dn=".$dn." info=".join(',', $info));
 
 		// Check parameters