Merged in bugfix/HOR-3221 (pull request #6052)

HOR-3221 Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
2017-09-25 20:36:16 +00:00
parent a0f0d21e5a 5ef5c28d38
commit ac313f342c
3 changed files with 525 additions and 639 deletions
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -437,33 +437,40 @@ class RBAC
        foreach ($this->aRbacPlugins as $sClassName) {
            $plugin = new $sClassName();
-            if (method_exists( $plugin, 'automaticRegister' )) {
+            if (method_exists($plugin, 'automaticRegister')) {
-                $oCriteria = new Criteria( 'rbac' );
+                $oCriteria = new Criteria('rbac');
-                $oCriteria->add( AuthenticationSourcePeer::AUTH_SOURCE_PROVIDER, $sClassName );
+                $oCriteria->add(AuthenticationSourcePeer::AUTH_SOURCE_PROVIDER, $sClassName);
-                $oCriteria->addAscendingOrderByColumn( AuthenticationSourcePeer::AUTH_SOURCE_NAME );
+                $oCriteria->addAscendingOrderByColumn(AuthenticationSourcePeer::AUTH_SOURCE_NAME);
-                $oDataset = AuthenticationSourcePeer::doSelectRS( $oCriteria, Propel::getDbConnection('rbac_ro') );
+                $oDataset = AuthenticationSourcePeer::doSelectRS($oCriteria, Propel::getDbConnection('rbac_ro'));
-                $oDataset->setFetchmode( ResultSet::FETCHMODE_ASSOC );
+                $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
                $oDataset->next();
                $aRow = $oDataset->getRow();
-                while (is_array( $aRow )) {
+                while (is_array($aRow)) {
-                    $aRow = array_merge( $aRow, unserialize( $aRow['AUTH_SOURCE_DATA'] ) );
+                    $aRow = array_merge($aRow, unserialize($aRow['AUTH_SOURCE_DATA']));
                    //Check if this authsource is enabled for AutoRegister, if not skip this
                    if ($aRow['AUTH_SOURCE_AUTO_REGISTER'] == 1) {
                        $plugin->sAuthSource = $aRow['AUTH_SOURCE_UID'];
                        $plugin->sSystem = $this->sSystem;
                        //search the usersRolesObj
                        //create the users in ProcessMaker
-                        $res = $plugin->automaticRegister( $aRow, $strUser, $strPass );
+                        try {
                            $res = $plugin->automaticRegister($aRow, $strUser, $strPass);
                            if ($res == 1) {
                                return $res;
                            }
                        } catch (Exception $e) {
                            $context = Bootstrap::getDefaultContextLog();
                            $context["action"] = "ldapSynchronize";
                            $context["authSource"] = $aRow;
                            Bootstrap::registerMonolog("ldapSynchronize", 400, $e->getMessage(), $context, $context["workspace"], "processmaker.log");
                        }
                    }
                    $oDataset->next();
                    $aRow = $oDataset->getRow();
                }
            }
        }
-
+        return $result;
    }
    /**
--- a/workflow/engine/classes/LdapAdvanced.php
+++ b/workflow/engine/classes/LdapAdvanced.php
@@ -1,5 +1,7 @@
 <?php
 use \ProcessMaker\BusinessModel\User;
 /**
 * class.ldapAdvanced.php
 * LDAP plugin for the RBAC class. This
@@ -41,21 +43,17 @@ class LdapAdvanced
     * @var Object
     */
    private static $instance = null;
    private $arrayObjectClassFilter = array(
        "user" => "|(objectclass=inetorgperson)(objectclass=organizationalperson)(objectclass=person)(objectclass=user)",
        "group" => "|(objectclass=posixgroup)(objectclass=group)(objectclass=groupofuniquenames)",
        "department" => "|(objectclass=organizationalunit)"
    );
    private $arrayAttributes = array(
        "ldap" => array("uid" => "uid", "member" => "memberuid"), //OpenLDAP
        "ad" => array("uid" => "samaccountname", "member" => "member"), //Active Directory
        "ds" => array("uid" => "uid", "member" => "uniquemember") //389 DS
    );
    private $arrayAttributesForUser = array("dn", "uid", "samaccountname", "givenname", "sn", "cn", "mail", "userprincipalname", "useraccountcontrol", "accountexpires", "manager");
    private $frontEnd = false;
    private $debug = false;
    public $arrayAuthenticationSourceUsersByUid = array();
@@ -64,7 +62,6 @@ class LdapAdvanced
    public $arrayDepartmentUsersByUsername = array();
    public $arrayGroupUsersByUid = array();
    public $arrayGroupUsersByUsername = array();
    private $arrayDepartmentUserSynchronizedChecked = array();
    private $arrayUserUpdateChecked = array();
@@ -299,8 +296,8 @@ class LdapAdvanced
    public function progressBar($total, $count)
    {
        try {
-            $p = (int)(($count * 100) / $total);
+            $p = (int) (($count * 100) / $total);
-            $n = (int)($p / 2);
+            $n = (int) ($p / 2);
            return "[" . str_repeat("|", $n) . str_repeat(" ", 50 - $n) . "] $p%";
        } catch (Exception $e) {
@@ -371,7 +368,6 @@ class LdapAdvanced
            unset($arrayCharacter[124]); //|
            unset($arrayCharacter[126]); //~
            unset($arrayCharacter[127]); //DEL
            //Return
            return array_unique($arrayCharacter);
        } catch (Exception $e) {
@@ -449,9 +445,10 @@ class LdapAdvanced
     *
     * before the log was generated in shared/sites/<site> folder, but it was deprecated
     * and now we are saving the log in  shared/log the entry in the log file.
-     * @author Fernando Ontiveros Lira <fernando@colosa.com>
+     *
     * @param Object $_link ldap connection
     * @param String $text
     * @return void
     */
    public function log($link, $text)
    {
@@ -459,7 +456,7 @@ class LdapAdvanced
        $logFile = PATH_DATA . "log/ldapAdvanced.log";
        if (!file_exists($logFile) || is_writable($logFile)) {
-            $fpt= fopen($logFile, "a");
+            $fpt = fopen($logFile, "a");
            $ldapErrorMsg = "";
            $ldapErrorNr = 0;
@@ -501,7 +498,7 @@ class LdapAdvanced
    /**
     * This method generates the ldap connection bind and returns the link object
     * for a determined authsource
-     * @author Fernando Ontiveros Lira <fernando@colosa.com>
+     *
     * @param Array $aAuthSource the authsource data
     * @return Object A object with the resulting ldap bind
     */
@@ -517,7 +514,7 @@ class LdapAdvanced
        $ldapcnn = ldap_connect($aAuthSource['AUTH_SOURCE_SERVER_NAME'], $aAuthSource['AUTH_SOURCE_PORT']);
-        $ldapServer = $aAuthSource["AUTH_SOURCE_SERVER_NAME"] . ":" . $aAuthSource["AUTH_SOURCE_PORT"] ;
+        $ldapServer = $aAuthSource["AUTH_SOURCE_SERVER_NAME"] . ":" . $aAuthSource["AUTH_SOURCE_PORT"];
        ldap_set_option($ldapcnn, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($ldapcnn, LDAP_OPT_REFERRALS, 0);
@@ -546,7 +543,7 @@ class LdapAdvanced
    /**
     * This method obtains the attributes of a ldap Connection passed as parameter
     * @param Object $ldapcnn ldap connection
-     * @author Fernando Ontiveros Lira <fernando@colosa.com>
+     *
     * @param Object $oEntry Entry object
     * @return Array attributes
     */
@@ -623,7 +620,7 @@ class LdapAdvanced
                    do {
                        $arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
-                        $username = (isset($arrayUserLdap[$uidUserIdentifier]))? $arrayUserLdap[$uidUserIdentifier] : "";
+                        $username = (isset($arrayUserLdap[$uidUserIdentifier])) ? $arrayUserLdap[$uidUserIdentifier] : "";
                        $countUser++;
@@ -704,11 +701,11 @@ class LdapAdvanced
                $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_USERS_FILTER"] = "";
            }
-            $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"]))? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
+            $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"])) ? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
            $filterUsers = trim($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_USERS_FILTER"]);
-            $filter = ($filterUsers != "")? $filterUsers : "(" . $this->arrayObjectClassFilter["user"] . ")";
+            $filter = ($filterUsers != "") ? $filterUsers : "(" . $this->arrayObjectClassFilter["user"] . ")";
            $this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromDepartment() > \$filter ----> $filter");
@@ -748,7 +745,7 @@ class LdapAdvanced
                    $ldapcnn = $this->ldapConnection($arrayAuthenticationSourceData);
-                    $filter = ($filterUsers != "")? $filterUsers : "(" . $this->arrayObjectClassFilter["user"] . ")";
+                    $filter = ($filterUsers != "") ? $filterUsers : "(" . $this->arrayObjectClassFilter["user"] . ")";
                    $filter = "(&$filter($uidUserIdentifier=$char*))";
                    $this->debugLog("class.ldapAdvanced.php > function ldapGetUsersFromDepartment() > \$filter ----> $filter");
@@ -804,14 +801,8 @@ class LdapAdvanced
     *
     * @return array Return array data
     */
-    private function __ldapGroupSynchronizeMembers(
+    private function __ldapGroupSynchronizeMembers($ldapcnn, array $arrayAuthSourceData, $groupUid, array $arrayGroupLdap, $memberAttribute, array $arrayData = [])
-        $ldapcnn,
+    {
        array $arrayAuthSourceData,
        $groupUid,
        array $arrayGroupLdap,
        $memberAttribute,
        array $arrayData = []
    ) {
        try {
            unset($arrayData['countMembers']);
@@ -820,12 +811,12 @@ class LdapAdvanced
                $arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_USERS_FILTER'] = '';
            }
-            $uidUserIdentifier = (isset($arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER']))?
+            $uidUserIdentifier = (isset($arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER'])) ?
                    $arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER'] : 'uid';
            $filterUsers = trim($arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_USERS_FILTER']);
-            $filter = ($filterUsers != '')? $filterUsers : '(' . $this->arrayObjectClassFilter['user'] . ')';
+            $filter = ($filterUsers != '') ? $filterUsers : '(' . $this->arrayObjectClassFilter['user'] . ')';
            if (isset($arrayGroupLdap[$memberAttribute])) {
                if (!is_array($arrayGroupLdap[$memberAttribute])) {
@@ -850,9 +841,9 @@ class LdapAdvanced
                                $arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
-                                $username = (isset($arrayUserLdap[$uidUserIdentifier]))? $arrayUserLdap[$uidUserIdentifier] : '';
+                                $username = (isset($arrayUserLdap[$uidUserIdentifier])) ? $arrayUserLdap[$uidUserIdentifier] : '';
-                                $arrayData['countUser']++;
+                                $arrayData['countUser'] ++;
                                if ((is_array($username) && !empty($username)) || trim($username) != '') {
                                    $arrayData = $this->groupSynchronizeUser(
@@ -862,8 +853,7 @@ class LdapAdvanced
                                //Progress bar
                                $this->frontEndShow(
-                                    'BAR',
+                                        'BAR', 'Groups: ' . $arrayData['i'] . '/' . $arrayData['n'] . ' ' .
                                    'Groups: ' . $arrayData['i'] . '/' . $arrayData['n'] . ' ' .
                                        $this->progressBar($arrayData['totalUser'], $arrayData['countUser'])
                                );
                            }
@@ -954,18 +944,13 @@ class LdapAdvanced
                        }
                        $arrayData = $this->__ldapGroupSynchronizeMembers(
-                            $ldapcnn,
+                                $ldapcnn, $arrayAuthenticationSourceData, $arrayGroupData['GRP_UID'], $arrayGroupLdap, $memberAttribute2, array_merge($arrayData, ['totalUser' => $totalUser, 'countUser' => $countUser])
                            $arrayAuthenticationSourceData,
                            $arrayGroupData['GRP_UID'],
                            $arrayGroupLdap,
                            $memberAttribute2,
                            array_merge($arrayData, ['totalUser' => $totalUser, 'countUser' => $countUser])
                        );
                        $totalUser = $arrayData['totalUser'];
                        $countUser = $arrayData['countUser'];
-                        $limitMemberRange = (isset($arrayData['countMembers']))? $arrayData['countMembers'] : 0;
+                        $limitMemberRange = (isset($arrayData['countMembers'])) ? $arrayData['countMembers'] : 0;
                        if ($flagMemberRange) {
                            for ($start = $limitMemberRange; true; $start += $limitMemberRange) {
@@ -992,12 +977,7 @@ class LdapAdvanced
                                            }
                                            $arrayData = $this->__ldapGroupSynchronizeMembers(
-                                                $ldapcnn,
+                                                    $ldapcnn, $arrayAuthenticationSourceData, $arrayGroupData['GRP_UID'], $arrayGroupLdap, $memberAttribute2, array_merge($arrayData, ['totalUser' => $totalUser, 'countUser' => $countUser])
                                                $arrayAuthenticationSourceData,
                                                $arrayGroupData['GRP_UID'],
                                                $arrayGroupLdap,
                                                $memberAttribute2,
                                                array_merge($arrayData, ['totalUser' => $totalUser, 'countUser' => $countUser])
                                            );
                                            $totalUser = $arrayData['totalUser'];
@@ -1026,7 +1006,7 @@ class LdapAdvanced
     * This method authentifies if a user has the RBAC_user privileges
     * also verifies if the user has the rights to start an application
     *
-     * @author Fernando Ontiveros Lira <fernando@colosa.com>
+     *
     * @access public
     * @param  string $strUser    UserId  (user login)
@@ -1098,24 +1078,21 @@ class LdapAdvanced
            $usrName = $row["USR_USERNAME"];
            $usrUid = $row["USR_UID"];
            $userDn = $strUser;
            //Get the AuthSource properties
            //Check if the dn in the database record matches with the dn for the ldap account
-            $verifiedUser = $this->searchUserByUid(
+            try {
-                $usrName,
+                $verifiedUser = $this->searchUserByUid($usrName, $arrayAuthSource["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"]);
                $arrayAuthSource["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"]
            );
                if (empty($verifiedUser) || trim($verifiedUser["sDN"]) == null) {
                    return -1;
                }
-
+                if ($verifiedUser["sDN"] != $strUser || $setAttributes == 1) {
            $userDn = $strUser;
            if ($verifiedUser["sDN"] != $strUser || $setAttributes==1) {
                    $userDn = $verifiedUser['sDN'];
                    //Update data
-                $user = new \ProcessMaker\BusinessModel\User();
+                    $user = new User();
                    $arrayUserData = $user->getUserRecordByPk($usrUid, [], false);
                    $result = $this->__ldapUserUpdateByDnAndData(
@@ -1134,6 +1111,12 @@ class LdapAdvanced
                    BasePeer::doUpdate($c1, $c2, $con);
                }
            } catch (Exception $e) {
                $context = Bootstrap::getDefaultContextLog();
                $context["action"] = "ldapSynchronize";
                $context["authSource"] = $arrayAuthSource;
                Bootstrap::registerMonolog("ldapSynchronize", 400, $e->getMessage(), $context, $context["workspace"], "processmaker.log");
            }
            //Check ldap connection for user
            $arrayAuthSource["AUTH_ANONYMOUS"] = "0";
@@ -1169,7 +1152,7 @@ class LdapAdvanced
                $c1->add(RbacUsersPeer::USR_AUTH_USER_DN, $strUser);
                // update set
                $c2 = new Criteria("rbac");
-                $c2->add(RbacUsersPeer::USR_AUTH_USER_DN, $verifiedUser["sDN"]);
+                $c2->add(RbacUsersPeer::USR_AUTH_USER_DN, $userDn);
                $c2->add(RbacUsersPeer::USR_STATUS, $statusRbac);
                BasePeer::doUpdate($c1, $c2, $con);
                $columnsWf = array();
@@ -1186,7 +1169,7 @@ class LdapAdvanced
            }
            //Check if the user is in the terminated organizational unit
-            if ($this->userIsTerminated($usrName, $attributes["AUTH_SOURCE_RETIRED_OU"])) {
+            if (!empty($verifiedUser) && $this->userIsTerminated($usrName, $attributes["AUTH_SOURCE_RETIRED_OU"])) {
                $this->deactivateUser($usrName);
                $this->log($ldapcnn, "user $strUser is member of Remove OU, deactivating this user.");
@@ -1198,12 +1181,12 @@ class LdapAdvanced
        }
        if ($validUserPass == 1) {
-            $this->log($ldapcnn, "sucessful login user " . $verifiedUser["sDN"]);
+            $this->log($ldapcnn, "sucessful login user " . $userDn);
        } else {
            $this->log($ldapcnn, "failure authentication for user $strUser");
        }
-        return $validUserPass ;
+        return $validUserPass;
    }
    /**
@@ -1217,17 +1200,17 @@ class LdapAdvanced
    public function getUserDataFromAttribute($username, array $arrayAttributes)
    {
        try {
-            $keyMail = (isset($arrayAttributes["mail"]))? "mail" : ((isset($arrayAttributes["userprincipalname"]))? "userprincipalname" : "nomail");
+            $keyMail = (isset($arrayAttributes["mail"])) ? "mail" : ((isset($arrayAttributes["userprincipalname"])) ? "userprincipalname" : "nomail");
            return array(
-                "sUsername"  => trim((is_array($username))? $username[0] : $username),
+                "sUsername" => trim((is_array($username)) ? $username[0] : $username),
-                "sPassword"  => trim((isset($arrayAttributes["userpassword"]))? ((is_array($arrayAttributes["userpassword"]))? $arrayAttributes["userpassword"][0] : $arrayAttributes["userpassword"]) : ""),
+                "sPassword" => trim((isset($arrayAttributes["userpassword"])) ? ((is_array($arrayAttributes["userpassword"])) ? $arrayAttributes["userpassword"][0] : $arrayAttributes["userpassword"]) : ""),
-                "sFullname"  => trim((isset($arrayAttributes["cn"]))?           ((is_array($arrayAttributes["cn"]))?           $arrayAttributes["cn"][0] : $arrayAttributes["cn"]) : ""),
+                "sFullname" => trim((isset($arrayAttributes["cn"])) ? ((is_array($arrayAttributes["cn"])) ? $arrayAttributes["cn"][0] : $arrayAttributes["cn"]) : ""),
-                "sFirstname" => trim((isset($arrayAttributes["givenname"]))?    ((is_array($arrayAttributes["givenname"]))?    $arrayAttributes["givenname"][0] : $arrayAttributes["givenname"]) : ""),
+                "sFirstname" => trim((isset($arrayAttributes["givenname"])) ? ((is_array($arrayAttributes["givenname"])) ? $arrayAttributes["givenname"][0] : $arrayAttributes["givenname"]) : ""),
-                "sLastname"  => trim((isset($arrayAttributes["sn"]))?           ((is_array($arrayAttributes["sn"]))?           $arrayAttributes["sn"][0] : $arrayAttributes["sn"]) : ""),
+                "sLastname" => trim((isset($arrayAttributes["sn"])) ? ((is_array($arrayAttributes["sn"])) ? $arrayAttributes["sn"][0] : $arrayAttributes["sn"]) : ""),
-                "sEmail"     => trim((isset($arrayAttributes[$keyMail]))?       ((is_array($arrayAttributes[$keyMail]))?       $arrayAttributes[$keyMail][0] : $arrayAttributes[$keyMail]) : ""),
+                "sEmail" => trim((isset($arrayAttributes[$keyMail])) ? ((is_array($arrayAttributes[$keyMail])) ? $arrayAttributes[$keyMail][0] : $arrayAttributes[$keyMail]) : ""),
                "sDN" => trim($arrayAttributes["dn"]),
-                "sManagerDN" => trim((isset($arrayAttributes["manager"]))?      ((is_array($arrayAttributes["manager"]))?      $arrayAttributes["manager"][0] : $arrayAttributes["manager"]) : "")
+                "sManagerDN" => trim((isset($arrayAttributes["manager"])) ? ((is_array($arrayAttributes["manager"])) ? $arrayAttributes["manager"][0] : $arrayAttributes["manager"]) : "")
            );
        } catch (Exception $e) {
            throw $e;
@@ -1247,7 +1230,7 @@ class LdapAdvanced
        $countUser = 0;
        $keyword = trim(trim($keyword), "*");
-        $keyword = ($keyword != "")? "*$keyword*" : "*";
+        $keyword = ($keyword != "") ? "*$keyword*" : "*";
        $paged = !is_null($start) && !is_null($limit);
@@ -1261,8 +1244,7 @@ class LdapAdvanced
        $attributeUserSet = array();
        $attributeSetAdd = array();
-        if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"])
+        if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"]) && !empty($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"])
            && !empty($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"])
        ) {
            foreach ($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"] as $value) {
                $attributeSetAdd[] = $value['attributeLdap'];
@@ -1281,11 +1263,11 @@ class LdapAdvanced
            $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_USERS_FILTER"] = "";
        }
-        $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"]))? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
+        $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"])) ? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
        $filterUsers = trim($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_USERS_FILTER"]);
-        $filter = ($filterUsers != "")? $filterUsers : "(" . $this->arrayObjectClassFilter["user"] . ")";
+        $filter = ($filterUsers != "") ? $filterUsers : "(" . $this->arrayObjectClassFilter["user"] . ")";
        $filter = "(&$filter(|(dn=$keyword)(uid=$keyword)(samaccountname=$keyword)(givenname=$keyword)(sn=$keyword)(cn=$keyword)(mail=$keyword)(userprincipalname=$keyword)))";
        $oSearch = @ldap_search($ldapcnn, $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"], $filter, array_merge($this->arrayAttributesForUser, $attributeSetAdd));
@@ -1300,18 +1282,18 @@ class LdapAdvanced
                if ($entries > 0) {
                    $oEntry = ldap_first_entry($ldapcnn, $oSearch);
-                    $countEntries=0;
+                    $countEntries = 0;
                    $flagNextRecord = true;
                    do {
                        $aAttr = $this->ldapGetAttributes($ldapcnn, $oEntry);
-                        $sUsername = (isset($aAttr[$uidUserIdentifier]))? $aAttr[$uidUserIdentifier] : "";
+                        $sUsername = (isset($aAttr[$uidUserIdentifier])) ? $aAttr[$uidUserIdentifier] : "";
                        if ((is_array($sUsername) && !empty($sUsername)) || trim($sUsername) != "") {
                            $countUser++;
-                            /*Active Directory userAccountControl Values
+                            /* Active Directory userAccountControl Values
                              Normal Day to Day Values:
                              512 - Enable Account
                              514 - Disable account
@@ -1373,8 +1355,8 @@ class LdapAdvanced
                            foreach ($attributeUserSet as $key => $value) {
                                if ($key == 'USR_STATUS') {
                                    $aUserAttributes[$key] = ($userCountControl != '') ? $userCountControl : 'ACTIVE';
-                                } elseif (isset($aAttr[ $value ])) {
+                                } elseif (isset($aAttr[$value])) {
-                                    $aUserAttributes[$key] = $aAttr[ $value ];
+                                    $aUserAttributes[$key] = $aAttr[$value];
                                }
                            }
@@ -1395,19 +1377,9 @@ class LdapAdvanced
                    } while (($oEntry = ldap_next_entry($ldapcnn, $oEntry)) && $flagNextRecord);
                }
            }
            /*
            $sUsers = "found $countEntries users: ";
            foreach ($aUsers as $key => $val) {
                $sUsers .= $val['sUsername'] . ' ';
        }
-            $this->log($ldapcnn, $sUsers);
+        return ($paged) ? array("numRecTotal" => $totalUser, "data" => $arrayUser) : $arrayUser;
            */
        }
        //Return
        return ($paged)? array("numRecTotal" => $totalUser, "data" => $arrayUser) : $arrayUser;
    }
    /**
@@ -1424,7 +1396,6 @@ class LdapAdvanced
            //Set variables
            $rbac = &RBAC::getSingleton();
            //$rbac->userObj = new RbacUsers();
            if (is_null($rbac->authSourcesObj)) {
                $rbac->authSourcesObj = new AuthenticationSource();
@@ -1442,8 +1413,7 @@ class LdapAdvanced
            $attributeUserSet = array();
            $attributeSetAdd = array();
-            if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"])
+            if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"]) && !empty($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"])
                && !empty($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"])
            ) {
                foreach ($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_GRID_ATTRIBUTE"] as $value) {
                    $attributeSetAdd[] = $value["attributeLdap"];
@@ -1451,7 +1421,7 @@ class LdapAdvanced
                }
            }
-            $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"]))? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
+            $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"])) ? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
            $filter2 = "";
@@ -1474,7 +1444,7 @@ class LdapAdvanced
                        $arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
-                        $username = (isset($arrayUserLdap[$uidUserIdentifier]))? $arrayUserLdap[$uidUserIdentifier] : "";
+                        $username = (isset($arrayUserLdap[$uidUserIdentifier])) ? $arrayUserLdap[$uidUserIdentifier] : "";
                        if ((is_array($username) && !empty($username)) || trim($username) != "") {
                            $userCountControl = "";
@@ -1510,7 +1480,7 @@ class LdapAdvanced
                            foreach ($attributeUserSet as $key => $value) {
                                if ($key == "USR_STATUS") {
-                                    $aUserAttributes[$key] = ($userCountControl != "")? $userCountControl : "ACTIVE";
+                                    $aUserAttributes[$key] = ($userCountControl != "") ? $userCountControl : "ACTIVE";
                                } else {
                                    if (isset($arrayUserLdap[$value])) {
                                        $aUserAttributes[$key] = $arrayUserLdap[$value];
@@ -1524,7 +1494,6 @@ class LdapAdvanced
                }
            }
            //Return
            return $arrayUserData;
        } catch (Exception $e) {
            throw $e;
@@ -1589,7 +1558,7 @@ class LdapAdvanced
                        $aData[$value['attributeUser']] = str_replace("*", "'", $user[$value['attributeUser']]);
                        if ($value['attributeUser'] == 'USR_STATUS') {
                            $evalValue = $aData[$value['attributeUser']];
-                            $statusValue = (isset($user['USR_STATUS'])) ? $user['USR_STATUS'] :'ACTIVE';
+                            $statusValue = (isset($user['USR_STATUS'])) ? $user['USR_STATUS'] : 'ACTIVE';
                            $aData[$value['attributeUser']] = $statusValue;
                        }
                    }
@@ -1597,7 +1566,7 @@ class LdapAdvanced
            }
            //req - accountexpires
-            if (isset($user["USR_DUE_DATE"]) && $user["USR_DUE_DATE"]!='') {
+            if (isset($user["USR_DUE_DATE"]) && $user["USR_DUE_DATE"] != '') {
                $aData["USR_DUE_DATE"] = $this->convertDateADtoPM($user["USR_DUE_DATE"]);
            }
            //end
@@ -1693,7 +1662,7 @@ class LdapAdvanced
                                if (isset($arrayEntryData['ou']) && !is_array($arrayEntryData['ou'])) {
                                    $arrayDepartment[] = [
                                        'dn' => $arrayEntryData['dn'],
-                                        'parent' => (isset($unitsEqual[1]))? implode(',', $unitsEqual) : '',
+                                        'parent' => (isset($unitsEqual[1])) ? implode(',', $unitsEqual) : '',
                                        'ou' => trim($arrayEntryData['ou']),
                                        'users' => 0
                                    ];
@@ -1714,9 +1683,8 @@ class LdapAdvanced
                $str .= ' ' . $dep['ou'];
            }
-            $this->log($ldapcnn, 'found '. count($arrayDepartment) . ' departments: ' . $str);
+            $this->log($ldapcnn, 'found ' . count($arrayDepartment) . ' departments: ' . $str);
            //Return
            return $arrayDepartment;
        } catch (Exception $e) {
            throw $e;
@@ -1734,7 +1702,7 @@ class LdapAdvanced
        $aUsers = array();
        $rbac = &RBAC::getSingleton();
-        //$rbac->userObj = new RbacUsers();
+
        $rbac->authSourcesObj = new AuthenticationSource();
        $aAuthSource = $rbac->authSourcesObj->load($this->sAuthSource);
@@ -1758,7 +1726,6 @@ class LdapAdvanced
                        $aAttr = $this->ldapGetAttributes($ldapcnn, $oEntry);
                        $aUsers[] = $this->ldapGetUsersFromDepartment("GET", $aAttr["dn"]);
                    } while ($oEntry = ldap_next_entry($ldapcnn, $oEntry));
                    //$this->createDepartments ($aDepts);
                }
            }
            return $aUsers;
@@ -1821,7 +1788,6 @@ class LdapAdvanced
                $arrayData[$row["DEP_UID"]] = $row["NUM_REC"];
            }
            //Return
            return $arrayData;
        } catch (Exception $e) {
            throw $e;
@@ -1842,7 +1808,6 @@ class LdapAdvanced
        return $terminated;
    }
    /* activate an user previously deactivated
      if user is now in another department, we need the second parameter, the depUid
@@ -1850,10 +1815,11 @@ class LdapAdvanced
      @param string optional department DN
      @param string optional DepUid
     */
    public function activateUser($userUid, $userDn = null, $depUid = null)
    {
        if (!class_exists('RbacUsers')) {
-            require_once(PATH_RBAC.'model/RbacUsers.php');
+            require_once(PATH_RBAC . 'model/RbacUsers.php');
        }
        $con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
@@ -1893,7 +1859,7 @@ class LdapAdvanced
    public function deactivateUser($userUid)
    {
        if (!class_exists('RbacUsers')) {
-            require_once(PATH_RBAC.'model/RbacUsers.php');
+            require_once(PATH_RBAC . 'model/RbacUsers.php');
        }
        $con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
@@ -1924,11 +1890,11 @@ class LdapAdvanced
    public function getTerminatedOu()
    {
-        if (trim($this->sAuthSource)!='') {
+        if (trim($this->sAuthSource) != '') {
            $rbac = &RBAC::getSingleton();
            $aAuthSource = $rbac->authSourcesObj->load($this->sAuthSource);
            $attributes = $aAuthSource['AUTH_SOURCE_DATA'];
-            $this->sTerminatedOu = isset($attributes['AUTH_SOURCE_RETIRED_OU'])?$attributes['AUTH_SOURCE_RETIRED_OU']:'';
+            $this->sTerminatedOu = isset($attributes['AUTH_SOURCE_RETIRED_OU']) ? $attributes['AUTH_SOURCE_RETIRED_OU'] : '';
        }
        return $this->sTerminatedOu;
@@ -1943,7 +1909,7 @@ class LdapAdvanced
     */
    public function getAuthSources()
    {
-        require_once(PATH_RBAC.'model/AuthenticationSource.php');
+        require_once(PATH_RBAC . 'model/AuthenticationSource.php');
        $oCriteria = new Criteria('rbac');
        $aAuthSources = array();
@@ -1957,7 +1923,7 @@ class LdapAdvanced
            $aRow = $oDataset->getRow();
            if ($aRow['AUTH_SOURCE_PROVIDER'] == 'ldapAdvanced') {
-                $aRow["AUTH_SOURCE_DATA"] = ($aRow["AUTH_SOURCE_DATA"] != "")? unserialize($aRow["AUTH_SOURCE_DATA"]) : array();
+                $aRow["AUTH_SOURCE_DATA"] = ($aRow["AUTH_SOURCE_DATA"] != "") ? unserialize($aRow["AUTH_SOURCE_DATA"]) : array();
                $aAuthSources[] = $aRow;
            }
@@ -1985,31 +1951,10 @@ class LdapAdvanced
            $arrayLdapDepartment[0]["ou"] = $arrayLdapDepartment[0]["ou"] . " " . $arrayLdapDepartment[0]["dn"]; //Discard ROOT
            foreach ($arrayLdapDepartment as $ldapDept) {
                //$flagExists = false;
                //
                //foreach ($aResult as $value2) {
                //    $arrayDepartmentData = $value2;
                //
                //    if ($arrayDepartmentData["DEP_LDAP_DN"] == $ldapDept["dn"]) {
                //        $flagExists = true;
                //        break;
                //    }
                //}
                //
                //if ($flagExists) {
                //    continue;
                //}
                foreach ($arrayDbDepartment as $department) {
                    if ($department["DEP_TITLE"] == $ldapDept["ou"] && $department["DEP_LDAP_DN"] == $ldapDept["dn"]) {
                        $aResult[] = $department;
                        break;
                        //if ($department["HAS_CHILDREN"] != 0) {
                        //    $aTempDepartments = $this->getDepartments($department["DEP_UID"]);
                        //    $aTempRegistered  = $this->getRegisteredDepartments($arrayLdapDepartment, $aTempDepartments);
                        //    $aResult = array_merge($aResult, $aTempRegistered);
                        //}
                    }
                }
            }
@@ -2057,7 +2002,7 @@ class LdapAdvanced
            }
            if (count($result) >= 1) {
-                $result[ count($result) -1 ]['DEP_LAST'] = 1;
+                $result[count($result) - 1]['DEP_LAST'] = 1;
            }
            return $result;
@@ -2108,7 +2053,7 @@ class LdapAdvanced
    {
        $aUsers = array(); //empty array is the default result
        $attributes = $aAuthSource["AUTH_SOURCE_DATA"];
-        $this->sTerminatedOu = isset($attributes['AUTH_SOURCE_RETIRED_OU'])? trim($attributes['AUTH_SOURCE_RETIRED_OU']) : '';
+        $this->sTerminatedOu = isset($attributes['AUTH_SOURCE_RETIRED_OU']) ? trim($attributes['AUTH_SOURCE_RETIRED_OU']) : '';
        if ($this->sTerminatedOu == '') {
            return $aUsers;
@@ -2128,7 +2073,7 @@ class LdapAdvanced
    public function deactiveArrayOfUsers($aUsers)
    {
        if (!class_exists('RbacUsers')) {
-            require_once(PATH_RBAC.'model/RbacUsers.php');
+            require_once(PATH_RBAC . 'model/RbacUsers.php');
        }
        if (!class_exists('Users')) {
@@ -2343,9 +2288,8 @@ class LdapAdvanced
                $str .= ' ' . $group['cn'];
            }
-            $this->log($ldapcnn, 'found '. count($arrayGroup) . ' groups: ' . $str);
+            $this->log($ldapcnn, 'found ' . count($arrayGroup) . ' groups: ' . $str);
            //Return
            return $arrayGroup;
        } catch (Exception $e) {
            throw $e;
@@ -2357,7 +2301,6 @@ class LdapAdvanced
     * @param <type> $currentDN
     * @return <type>
     */
    public function getGrpUidIfExistsDN($currentDN)
    {
        try {
@@ -2407,7 +2350,6 @@ class LdapAdvanced
                $arrayData[$row["GRP_UID"]] = $row["NUM_REC"];
            }
            //Return
            return $arrayData;
        } catch (Exception $e) {
            throw $e;
@@ -2471,15 +2413,14 @@ class LdapAdvanced
    /**
     * Convert 18-digit LDAP timestamps  to format PM
     *
     * @author Ronald Escobar <ronald@colosa.com>
     * @param Date | $dateAD | Date of AD ('Windows NT time format' and 'Win32 FILETIME or SYSTEMTIME')
     * @param Date | $datePM | Date of PM
     */
    public function convertDateADtoPM($dateAD)
    {
        $unixTimestamp = ($dateAD / 10000000) - 11644560000;
-        $datePM  = date('Y-m-d', mktime(0, 0, 0, date('m'), '01', date('Y') + 2));//(date('Y') + 10)."-12-01";
+        $datePM = date('Y-m-d', mktime(0, 0, 0, date('m'), '01', date('Y') + 2));
-        if ($unixTimestamp >0) {
+        if ($unixTimestamp > 0) {
            $dateAux = date("Y-m-d", $unixTimestamp);
            $yearAux = date("Y", $unixTimestamp);
            if (strlen(trim($yearAux)) <= 4) {
@@ -2531,7 +2472,7 @@ class LdapAdvanced
                $userUid = $arrayUserData["USR_UID"];
                $found = true;
-                $arrayData["already"]++;
+                $arrayData["already"] ++;
                $arrayData["alreadyUsers"] .= $arrayUserData["USR_USERNAME"] . " ";
            }
@@ -2539,7 +2480,6 @@ class LdapAdvanced
                //If user DO NOT exists in this department.. do:
                //If exists with another AuthSource -> impossible
                //If exists in another department, but in PM and for this authsource, we need to move it
                //$arrayNewUserData = $this->searchUserByUid($arrayUserLdap["sUsername"]);
                $arrayNewUserData = $arrayUserLdap;
@@ -2560,7 +2500,7 @@ class LdapAdvanced
                        $this->activateUser($arrayUserData["USR_UID"], $arrayNewUserData["sDN"], $departmentUid);
-                        $arrayData["moved"]++;
+                        $arrayData["moved"] ++;
                        $arrayData["movedUsers"] .= $arrayUserData["USR_USERNAME"] . " ";
                        $this->setArrayAuthenticationSourceUser($userUid, $arrayNewUserData); //INITIALIZE DATA //Update User
@@ -2572,14 +2512,14 @@ class LdapAdvanced
                            //Impossible
                            $userUid = $arrayUserData["USR_UID"];
-                            $arrayData["impossible"]++;
+                            $arrayData["impossible"] ++;
                            $arrayData["impossibleUsers"] .= $arrayUserData["USR_USERNAME"] . " ";
                        } else {
                            //User not exists
                            //Create User
                            $userUid = $this->createUserAndActivate($arrayNewUserData, $departmentUid);
-                            $arrayData["created"]++;
+                            $arrayData["created"] ++;
                            $arrayData["createdUsers"] .= $arrayNewUserData["sUsername"] . " ";
                            $this->setArrayAuthenticationSourceUser($userUid, $arrayNewUserData); //INITIALIZE DATA //Add User
@@ -2603,7 +2543,6 @@ class LdapAdvanced
            $this->debugLog("class.ldapAdvanced.php > function departmentSynchronizeUser() > \$userUid ----> $userUid");
            $this->debugLog("class.ldapAdvanced.php > function departmentSynchronizeUser() > END");
            //Return
            return $arrayData;
        } catch (Exception $e) {
            throw $e;
@@ -2638,7 +2577,7 @@ class LdapAdvanced
                $userUid = $arrayUserData["USR_UID"];
                $found = true;
-                $arrayData["already"]++;
+                $arrayData["already"] ++;
                $arrayData["alreadyUsers"] .= $arrayUserData["USR_USERNAME"] . " ";
            }
@@ -2646,7 +2585,6 @@ class LdapAdvanced
                //If user DO NOT exists in this group.. do:
                //If exists with another AuthSource -> impossible
                //If exists in another group, but in PM and for this authsource, we need to move it
                //$arrayNewUserData = $this->searchUserByUid($arrayUserLdap["sUsername"]);
                $arrayNewUserData = $arrayUserLdap;
@@ -2661,7 +2599,7 @@ class LdapAdvanced
                    $group->addUserToGroup($groupUid, $userUid);
-                    $arrayData["moved"]++;
+                    $arrayData["moved"] ++;
                    $arrayData["movedUsers"] .= $arrayUserData["USR_USERNAME"] . " ";
                    $this->setArrayAuthenticationSourceUser($userUid, $arrayNewUserData); //INITIALIZE DATA //Update User
@@ -2673,7 +2611,7 @@ class LdapAdvanced
                        //Impossible
                        $userUid = $arrayUserData["USR_UID"];
-                        $arrayData["impossible"]++;
+                        $arrayData["impossible"] ++;
                        $arrayData["impossibleUsers"] .= $arrayUserData["USR_USERNAME"] . " ";
                    } else {
                        //User not exists
@@ -2682,7 +2620,7 @@ class LdapAdvanced
                        $group->addUserToGroup($groupUid, $userUid);
-                        $arrayData["created"]++;
+                        $arrayData["created"] ++;
                        $arrayData["createdUsers"] .= $arrayNewUserData["sUsername"] . " ";
                        $this->setArrayAuthenticationSourceUser($userUid, $arrayNewUserData); //INITIALIZE DATA //Add User
@@ -2752,7 +2690,7 @@ class LdapAdvanced
            }
            //Search User from LDAP Server
-            $uidUserIdentifier = (isset($arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER']))?
+            $uidUserIdentifier = (isset($arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER'])) ?
                    $arrayAuthSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_IDENTIFIER_FOR_USER'] : 'uid';
            $arrayAttribute = array_merge($this->arrayAttributesForUser, array_values($arrayAttributesToSync));
@@ -2767,10 +2705,10 @@ class LdapAdvanced
                    $arrayUserLdap = $this->ldapGetAttributes($ldapcnn, $entry);
-                    $username = (isset($arrayUserLdap[$uidUserIdentifier]))? $arrayUserLdap[$uidUserIdentifier] : '';
+                    $username = (isset($arrayUserLdap[$uidUserIdentifier])) ? $arrayUserLdap[$uidUserIdentifier] : '';
                    if ((is_array($username) && !empty($username)) || trim($username) != '') {
-                        $username = trim((is_array($username))? $username[0] : $username);
+                        $username = trim((is_array($username)) ? $username[0] : $username);
                        if (isset($arrayUser[$username])) {
                            if (!isset($this->arrayUserUpdateChecked[$username])) {
@@ -2783,12 +2721,12 @@ class LdapAdvanced
                                    $attributeName = strtolower($value);
                                    if (isset($arrayUserLdap[$attributeName])) {
-                                        $ldapAttributeValue = trim((is_array($arrayUserLdap[$attributeName]))? $arrayUserLdap[$attributeName][0] : $arrayUserLdap[$attributeName]);
+                                        $ldapAttributeValue = trim((is_array($arrayUserLdap[$attributeName])) ? $arrayUserLdap[$attributeName][0] : $arrayUserLdap[$attributeName]);
                                        switch ($fieldName) {
                                            case 'USR_STATUS':
                                                if ($attributeName == 'useraccountcontrol') {
-                                                    $ldapAttributeValue = (preg_match('/^(?:' . '512|544|66048|66080' . ')$/', $ldapAttributeValue))? (($arrayUser[$username][$fieldName] == 'VACATION')? 'VACATION' : 'ACTIVE') : 'INACTIVE';
+                                                    $ldapAttributeValue = (preg_match('/^(?:' . '512|544|66048|66080' . ')$/', $ldapAttributeValue)) ? (($arrayUser[$username][$fieldName] == 'VACATION') ? 'VACATION' : 'ACTIVE') : 'INACTIVE';
                                                }
                                                break;
                                            case 'USR_DUE_DATE':
@@ -2815,8 +2753,7 @@ class LdapAdvanced
                                }
                            } else {
                                $this->log(
-                                    $ldapcnn,
+                                        $ldapcnn, 'User is repeated: Username "' . $username . '", DN "' . $arrayUserLdap['dn'] . '"'
                                    'User is repeated: Username "' . $username .'", DN "' . $arrayUserLdap['dn'] . '"'
                                );
                            }
@@ -2844,13 +2781,8 @@ class LdapAdvanced
     *
     * @return array
     */
-    private function __ldapUsersUpdateData(
+    private function __ldapUsersUpdateData($ldapcnn, array $arrayAuthSourceData, $filterUsers, array $arrayUserUid, array $arrayData)
-        $ldapcnn,
+    {
        array $arrayAuthSourceData,
        $filterUsers,
        array $arrayUserUid,
        array $arrayData
    ) {
        try {
            $totalUser = $arrayData['totalUser'];
            $countUser = $arrayData['countUser'];
@@ -2870,7 +2802,6 @@ class LdapAdvanced
                    $criteria = new Criteria('workflow');
                    $criteria->add(UsersPeer::USR_UID, $arrayUserUid, Criteria::IN);
                    //$criteria->add(UsersPeer::USR_USERNAME, '', Criteria::NOT_EQUAL);
                    $criteria->add(UsersPeer::USR_STATUS, 'CLOSED', Criteria::NOT_EQUAL);
                    $rsCriteria = UsersPeer::doSelectRS($criteria);
@@ -2894,15 +2825,13 @@ class LdapAdvanced
                            //Progress bar
                            $this->frontEndShow(
-                                'BAR',
+                                    'BAR', 'Update Users data: ' . $countUser . '/' . $totalUser . ' ' . $this->progressBar($totalUser, $countUser)
                                'Update Users data: ' . $countUser . '/' . $totalUser . ' ' . $this->progressBar($totalUser, $countUser)
                            );
                        }
                    } while ($entry = ldap_next_entry($ldapcnn, $entry));
                }
            }
            //Return
            return [$totalUser, $countUser];
        } catch (Exception $e) {
            throw $e;
@@ -2939,7 +2868,7 @@ class LdapAdvanced
            $limit = $this->__getPageSizeLimitByData($arrayAuthenticationSourceData);
            $count = 0;
-            $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"]))? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
+            $uidUserIdentifier = (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"])) ? $arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["AUTH_SOURCE_IDENTIFIER_FOR_USER"] : "uid";
            $filterUsers = "";
            $arrayUserUid = array();
@@ -3013,11 +2942,10 @@ class LdapAdvanced
                $countEntries = ldap_count_entries($ldapcnn, $searchResult);
                if ($countEntries > 0) {
-                    $limit = ($countEntries > $limit)? $limit : $countEntries;
+                    $limit = ($countEntries > $limit) ? $limit : $countEntries;
                }
            }
            //Return
            return $limit;
        } catch (Exception $e) {
            throw $e;
--- a/workflow/engine/methods/services/ldapadvanced.php
+++ b/workflow/engine/methods/services/ldapadvanced.php
@@ -60,18 +60,13 @@ class ldapadvancedClassCron
        $aDepartments = $plugin->getDepartments("");
        $aGroups = $plugin->getGroups();
        //$arrayDepartmentUserAd = array(); //(D) Update Users
        //$arrayGroupUserAd = array(); //(G) Update Users
        //echo "\n";
        $plugin->frontEndShow("START");
        $plugin->debugLog("START");
        foreach ($arrayAuthenticationSource as $value) {
            $arrayAuthenticationSourceData = $value;
-
+            try {
                $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$arrayAuthenticationSourceData ---->\n" . print_r($arrayAuthenticationSourceData, true));
                $plugin->sAuthSource = $arrayAuthenticationSourceData["AUTH_SOURCE_UID"];
@@ -141,17 +136,6 @@ class ldapadvancedClassCron
                foreach ($aRegisteredDepts as $registeredDept) {
                    $count++;
                //(D) Update Users
                //if (!isset($arrayDepartmentUserAd[$registeredDept["DEP_UID"]])) {
                //    $arrayDepartmentUserAd[$registeredDept["DEP_UID"]] = array(); //Current users in department based in Active Directory
                //}
                //
                //$arrayAux = $this->departmentSynchronizeUsers($plugin, $numDepartments, $count, $registeredDept);
                //$arrayAux = array_merge($arrayDepartmentUserAd[$registeredDept["DEP_UID"]], $arrayAux);
                //
                //$arrayDepartmentUserAd[$registeredDept["DEP_UID"]] = array_unique($arrayAux);
                    $arrayAux = $this->departmentSynchronizeUsers($plugin, $numDepartments, $count, $registeredDept);
                }
@@ -177,17 +161,6 @@ class ldapadvancedClassCron
                foreach ($aRegisteredGroups as $registeredGroup) {
                    $count++;
                //(G) Update Users
                //if (!isset($arrayGroupUserAd[$registeredGroup["GRP_UID"]])) {
                //    $arrayGroupUserAd[$registeredGroup["GRP_UID"]] = array(); //Current users in group based in Active Directory
                //}
                //
                //$arrayAux = $this->groupSynchronizeUsers($plugin, $numGroups, $count, $registeredGroup);
                //$arrayAux = array_merge($arrayGroupUserAd[$registeredGroup["GRP_UID"]], $arrayAux);
                //
                //$arrayGroupUserAd[$registeredGroup["GRP_UID"]] = array_unique($arrayAux);
                    $arrayAux = $this->groupSynchronizeUsers($plugin, $numGroups, $count, $registeredGroup);
                }
@@ -386,37 +359,15 @@ class ldapadvancedClassCron
                //Update Users data based on the LDAP Server
                $plugin->usersUpdateData($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]);
            } catch (Exception $e) {
                $context = Bootstrap::getDefaultContextLog();
                $context["action"] = "ldapSynchronize";
                $context["authSource"] = $arrayAuthenticationSourceData;
                Bootstrap::registerMonolog("ldapSynchronize", 400, $e->getMessage(), $context, $context["workspace"], "processmaker.log");
            }
        }
        $plugin->frontEndShow("END");
        //(D) Update Users
        ////Department //Upgrade users in departments
        //foreach ($arrayDepartmentUserAd as $departmentUid => $arrayUserAd) {
        //    $plugin->setArrayDepartmentUsers($departmentUid); //INITIALIZE DATA
        //
        //    $arrayAux = array_diff(array_keys($plugin->arrayDepartmentUsersByUid), $arrayUserAd);
        //
        //    $this->departmentRemoveUsers($departmentUid, $arrayAux);
        //}
        //(G) Update Users
        ////Group //Upgrade users in groups
        //foreach ($arrayGroupUserAd as $groupUid => $arrayUserAd) {
        //    $plugin->setArrayGroupUsers($groupUid); //INITIALIZE DATA
        //
        //    $arrayAux = array_diff(array_keys($plugin->arrayGroupUsersByUid), $arrayUserAd);
        //
        //    $this->groupRemoveUsers($groupUid, $arrayAux);
        //}
        //// Developed by Gary and Ronald
        //$usersInfo = $plugin->ASUpdateInfo('');
        //if (isset($usersInfo) && $usersInfo > 0) {
        //    $this->dMoved = $usersInfo;
        //}
        //// End Developed by Gary and Ronald
        $plugin->debugLog("END");
    }