Fixes #1092, setting LDAP_OPT_REFERRALS to 0 for Active Directory

app/config/version.php

@@ -1,5 +1,5 @@
 <?php
 return array (
   'app_version' => 'v2.0-RC',
-  'hash_version' => 'v2.0-RC-1',
+  'hash_version' => 'v2.0-RC-1-1-g8892fee',
 );

app/controllers/AuthController.php

@@ -18,24 +18,26 @@ class AuthController extends BaseController
         return View::make('frontend.auth.signin');
     }
 
-    
+
     /**
      * Authenticates a user to LDAP
-     * 
+     *
      * @return  true    if the username and/or password provided are valid
      *          false   if the username and/or password provided are invalid
-     * 
+     *
      */
     function ldap($username, $password) {
-        
+
         $ldaphost    = Config::get('ldap.url');
         $ldaprdn     = Config::get('ldap.username');
         $ldappass    = Config::get('ldap.password');
         $baseDn      = Config::get('ldap.basedn');
         $filterQuery = Config::get('ldap.authentication.filter.query') . $username;
-	
+
 	// Connecting to LDAP
 	$connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}");
+    // Needed for AD
+    ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
 
         try {
             if ($connection) {
@@ -54,10 +56,10 @@ class AuthController extends BaseController
             LOG::error($e->getMessage());
         }
 	ldap_close($connection);
-	return false;	
+	return false;
     }
-    
-    
+
+
     /**
      * Account sign in form processing.
      *
@@ -81,15 +83,15 @@ class AuthController extends BaseController
         }
 
         try {
-            
+
             /**
              * =================================================================
              * Hack in LDAP authentication
              */
-            
+
             // Try to get the user from the database.
             $user = (array) DB::table('users')->where('username', Input::get('username'))->first();
-            
+
             if ($user && strpos($user["notes"],'LDAP') !== false) {
                 LOG::debug("Authenticating user against LDAP.");
                 if( $this->ldap(Input::get('username'), Input::get('password')) ) {
@@ -114,7 +116,7 @@ class AuthController extends BaseController
                 // Try to log the user in
                 Sentry::authenticate(Input::only('username', 'password'), Input::get('remember-me', 0));
             }
-            
+
             // Get the page we were before
             $redirect = Session::get('loginRedirect', 'account');
 

app/controllers/admin/UsersController.php

@@ -1085,6 +1085,10 @@ class UsersController extends AdminController {
 
         // Connect to LDAP server
         $ldapconn = @ldap_connect($url);
+
+        // Needed for AD
+        ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
+
         if (!$ldapconn) {
             return Redirect::route('users')->with('error', Lang::get('admin/users/message.error.ldap_could_not_connect'));
         }