Adding upstream version 4:7.4.7.upstream/4%7.4.7upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

8 files changed, 1325 insertions, 0 deletions

diff --git a/extensions/source/config/WinUserInfo/WinUserInfoBe.component b/extensions/source/config/WinUserInfo/WinUserInfoBe.component
new file mode 100644
index 000000000..5dd7d21ad
--- /dev/null
+++ b/extensions/source/config/WinUserInfo/WinUserInfoBe.component
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ -->
+
+<component loader="com.sun.star.loader.SharedLibrary" environment="@CPPU_ENV@"
+    xmlns="http://openoffice.org/2010/uno-components">
+  <implementation name="com.sun.star.comp.configuration.backend.WinUserInfoBe"
+    constructor="extensions_WinUserInfoBe_get_implementation">
+    <service name="com.sun.star.configuration.backend.WinUserInfoBe"/>
+  </implementation>
+</component>
diff --git a/extensions/source/config/WinUserInfo/WinUserInfoBe.cxx b/extensions/source/config/WinUserInfo/WinUserInfoBe.cxx
new file mode 100644
index 000000000..2914cf78d
--- /dev/null
+++ b/extensions/source/config/WinUserInfo/WinUserInfoBe.cxx
@@ -0,0 +1,433 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include "WinUserInfoBe.hxx"
+
+#include <com/sun/star/beans/Optional.hpp>
+#include <comphelper/base64.hxx>
+#include <comphelper/configuration.hxx>
+#include <cppuhelper/supportsservice.hxx>
+#include <map>
+#include <o3tl/char16_t2wchar_t.hxx>
+#include <tools/diagnose_ex.h>
+#include <officecfg/UserProfile.hxx>
+
+#include <Iads.h>
+#include <Adshlp.h>
+#include <Lmcons.h>
+#define SECURITY_WIN32
+#include <Security.h>
+
+#include <systools/win32/comtools.hxx>
+#include <systools/win32/oleauto.hxx>
+
+namespace extensions
+{
+namespace config
+{
+namespace WinUserInfo
+{
+class WinUserInfoBe_Impl
+{
+public:
+    virtual ~WinUserInfoBe_Impl(){};
+    virtual OUString GetGivenName() = 0;
+    virtual OUString GetSn() { return ""; }
+    virtual OUString GetFathersname() { return ""; }
+    virtual OUString GetInitials() { return ""; }
+    virtual OUString GetStreet() { return ""; }
+    virtual OUString GetCity() { return ""; }
+    virtual OUString GetState() { return ""; }
+    virtual OUString GetApartment() { return ""; }
+    virtual OUString GetPostalCode() { return ""; }
+    virtual OUString GetCountry() { return ""; }
+    virtual OUString GetOrganization() { return ""; }
+    virtual OUString GetPosition() { return ""; }
+    virtual OUString GetTitle() { return ""; }
+    virtual OUString GetHomePhone() { return ""; }
+    virtual OUString GetTelephoneNumber() { return ""; }
+    virtual OUString GetFaxNumber() { return ""; }
+    virtual OUString GetMail() { return ""; }
+};
+}
+}
+}
+
+namespace
+{
+constexpr OUStringLiteral givenname(u"givenname");
+constexpr OUStringLiteral sn(u"sn");
+constexpr char fathersname[]("fathersname");
+constexpr OUStringLiteral initials(u"initials");
+constexpr OUStringLiteral street(u"street");
+constexpr OUStringLiteral l(u"l");
+constexpr OUStringLiteral st(u"st");
+constexpr char apartment[]("apartment");
+constexpr OUStringLiteral postalcode(u"postalcode");
+constexpr OUStringLiteral c(u"c");
+constexpr OUStringLiteral o(u"o");
+constexpr char position[]("position");
+constexpr OUStringLiteral title(u"title");
+constexpr OUStringLiteral homephone(u"homephone");
+constexpr OUStringLiteral telephonenumber(u"telephonenumber");
+constexpr OUStringLiteral facsimiletelephonenumber(u"facsimiletelephonenumber");
+constexpr OUStringLiteral mail(u"mail");
+
+// Backend class implementing access to Active Directory user data. It caches its encoded data
+// in a configuration entry, to allow reusing it when user later doesn't have access to AD DC
+// (otherwise the user would get different data when connected vs not connected).
+class ADsUserAccess : public extensions::config::WinUserInfo::WinUserInfoBe_Impl
+{
+public:
+    ADsUserAccess()
+    {
+        try
+        {
+            sal::systools::CoInitializeGuard aCoInitializeGuard(COINIT_APARTMENTTHREADED);
+
+            sal::systools::COMReference<IADsADSystemInfo> pADsys(CLSID_ADSystemInfo, nullptr,
+                                                                 CLSCTX_INPROC_SERVER);
+
+            sal::systools::BStr sUserDN;
+            sal::systools::ThrowIfFailed(pADsys->get_UserName(&sUserDN), "get_UserName failed");
+            // If this user is an AD user, then without an active connection to the domain, all the
+            // above will succeed, and m_sUserDN will be correctly initialized, but the following
+            // call to ADsGetObject will fail, and we will attempt reading cached values.
+            m_sUserDN = sUserDN;
+            OUString sLdapUserDN = "LDAP://" + m_sUserDN;
+            sal::systools::COMReference<IADsUser> pUser;
+            sal::systools::ThrowIfFailed(ADsGetObject(o3tl::toW(sLdapUserDN.getStr()), IID_IADsUser,
+                                                      reinterpret_cast<void**>(&pUser)),
+                                         "ADsGetObject failed");
+            // Fetch all the required information right now, when we know to have access to AD
+            // (later the connection may already be lost)
+            m_aMap[givenname] = Str(pUser, &IADsUser::get_FirstName);
+            m_aMap[sn] = Str(pUser, &IADsUser::get_LastName);
+            m_aMap[initials] = Str(pUser, L"initials");
+            m_aMap[street] = Str(pUser, L"streetAddress");
+            m_aMap[l] = Str(pUser, L"l");
+            m_aMap[st] = Str(pUser, L"st");
+            m_aMap[postalcode] = Str(pUser, L"postalCode");
+            m_aMap[c] = Str(pUser, L"co");
+            m_aMap[o] = Str(pUser, L"company");
+            m_aMap[title] = Str(pUser, &IADsUser::get_Title);
+            m_aMap[homephone] = Str(pUser, L"homePhone");
+            m_aMap[telephonenumber] = Str(pUser, L"TelephoneNumber");
+            m_aMap[facsimiletelephonenumber] = Str(pUser, L"facsimileTelephoneNumber");
+            m_aMap[mail] = Str(pUser, &IADsUser::get_EmailAddress);
+
+            CacheData();
+        }
+        catch (sal::systools::ComError&)
+        {
+            // Maybe we temporarily lost connection to AD; try to get cached data
+            GetCachedData();
+        }
+    }
+
+    virtual OUString GetGivenName() override { return m_aMap[givenname]; }
+    virtual OUString GetSn() override { return m_aMap[sn]; }
+    virtual OUString GetInitials() override { return m_aMap[initials]; }
+    virtual OUString GetStreet() override { return m_aMap[street]; }
+    virtual OUString GetCity() override { return m_aMap[l]; }
+    virtual OUString GetState() override { return m_aMap[st]; }
+    virtual OUString GetPostalCode() override { return m_aMap[postalcode]; }
+    virtual OUString GetCountry() override { return m_aMap[c]; }
+    virtual OUString GetOrganization() override { return m_aMap[o]; }
+    virtual OUString GetTitle() override { return m_aMap[title]; }
+    virtual OUString GetHomePhone() override { return m_aMap[homephone]; }
+    virtual OUString GetTelephoneNumber() override { return m_aMap[telephonenumber]; }
+    virtual OUString GetFaxNumber() override { return m_aMap[facsimiletelephonenumber]; }
+    virtual OUString GetMail() override { return m_aMap[mail]; }
+
+private:
+    typedef HRESULT (__stdcall IADsUser::*getstrfunc)(BSTR*);
+    static OUString Str(IADsUser* pUser, getstrfunc func)
+    {
+        sal::systools::BStr sBstr;
+        if (FAILED((pUser->*func)(&sBstr)))
+            return "";
+        return OUString(sBstr);
+    }
+    static OUString Str(IADsUser* pUser, const wchar_t* property)
+    {
+        sal::systools::BStr sBstrProp{ o3tl::toU(property) };
+        struct AutoVariant : public VARIANT
+        {
+            AutoVariant() { VariantInit(this); }
+            ~AutoVariant() { VariantClear(this); }
+        } varArr;
+        if (FAILED(pUser->GetEx(sBstrProp, &varArr)))
+            return "";
+        SAFEARRAY* sa = V_ARRAY(&varArr);
+        LONG nStart, nEnd;
+        if (FAILED(SafeArrayGetLBound(sa, 1, &nStart)) || FAILED(SafeArrayGetUBound(sa, 1, &nEnd)))
+            return "";
+        AutoVariant varItem;
+        for (LONG i = nStart; i <= nEnd; i++)
+        {
+            if (FAILED(SafeArrayGetElement(sa, &i, &varItem)))
+                continue;
+            if (varItem.vt == VT_BSTR)
+                return OUString(o3tl::toU(V_BSTR(&varItem)));
+            VariantClear(&varItem);
+        }
+        return "";
+    }
+
+    void CacheData()
+    {
+        try
+        {
+            OUString sCachedData = "user=" + m_sUserDN // user DN
+                                   + "\0" + givenname + "=" + GetGivenName() // 1st name
+                                   + "\0" + sn + "=" + GetSn() // sn
+                                   + "\0" + initials + "=" + GetInitials() // initials
+                                   + "\0" + street + "=" + GetStreet() // street
+                                   + "\0" + l + "=" + GetCity() // l
+                                   + "\0" + st + "=" + GetState() // st
+                                   + "\0" + postalcode + "=" + GetPostalCode() // p.code
+                                   + "\0" + c + "=" + GetCountry() // c
+                                   + "\0" + o + "=" + GetOrganization() // o
+                                   + "\0" + title + "=" + GetTitle() // title
+                                   + "\0" + homephone + "=" + GetHomePhone() // h.phone
+                                   + "\0" + telephonenumber + "=" + GetTelephoneNumber() // tel
+                                   + "\0" + facsimiletelephonenumber + "=" + GetFaxNumber() // fax
+                                   + "\0" + mail + "=" + GetMail(); // mail
+            const css::uno::Sequence<sal_Int8> seqCachedData(
+                reinterpret_cast<const sal_Int8*>(sCachedData.getStr()),
+                sCachedData.getLength() * sizeof(sal_Unicode));
+            OUStringBuffer sOutBuf;
+            comphelper::Base64::encode(sOutBuf, seqCachedData);
+
+            std::shared_ptr<comphelper::ConfigurationChanges> batch(
+                comphelper::ConfigurationChanges::create());
+            officecfg::UserProfile::WinUserInfo::Cache::set(sOutBuf.makeStringAndClear(), batch);
+            batch->commit();
+        }
+        catch (const css::uno::Exception&)
+        {
+            TOOLS_WARN_EXCEPTION("extensions.config",
+                                 "ADsUserAccess: access to configuration data failed:");
+        }
+    }
+
+    void GetCachedData()
+    {
+        if (m_sUserDN.isEmpty())
+            throw css::uno::RuntimeException();
+
+        OUString sCache = officecfg::UserProfile::WinUserInfo::Cache::get();
+
+        if (sCache.isEmpty())
+            throw css::uno::RuntimeException();
+
+        {
+            css::uno::Sequence<sal_Int8> seqCachedData;
+            comphelper::Base64::decode(seqCachedData, sCache);
+            sCache = OUString(reinterpret_cast<const sal_Unicode*>(seqCachedData.getConstArray()),
+                              seqCachedData.getLength() / sizeof(sal_Unicode));
+        }
+
+        OUString sUserDN;
+        std::map<const OUString, OUString> aMap;
+        sal_Int32 nIndex = 0;
+        do
+        {
+            const OUString sEntry = sCache.getToken(0, '\0', nIndex);
+            sal_Int32 nEqIndex = 0;
+            const OUString sEntryName = sEntry.getToken(0, '=', nEqIndex);
+            OUString sEntryVal;
+            if (nEqIndex >= 0)
+                sEntryVal = sEntry.copy(nEqIndex);
+            if (sEntryName == "user")
+                sUserDN = sEntryVal;
+            else
+                aMap[sEntryName] = sEntryVal;
+        } while (nIndex >= 0);
+
+        if (sUserDN != m_sUserDN)
+            throw css::uno::RuntimeException();
+        m_aMap = std::move(aMap);
+    }
+
+    OUString m_sUserDN; // used to check if the cached data is for current user
+    std::map<const OUString, OUString> m_aMap;
+};
+
+class SysInfoUserAccess : public extensions::config::WinUserInfo::WinUserInfoBe_Impl
+{
+public:
+    SysInfoUserAccess()
+    {
+        try
+        {
+            ULONG nSize = 0;
+            GetUserNameExW(NameDisplay, nullptr, &nSize);
+            if (GetLastError() != ERROR_MORE_DATA)
+                throw css::uno::RuntimeException();
+            auto pNameBuf(std::make_unique<wchar_t[]>(nSize));
+            if (!GetUserNameExW(NameDisplay, pNameBuf.get(), &nSize))
+                throw css::uno::RuntimeException();
+            m_sName = o3tl::toU(pNameBuf.get());
+        }
+        catch (css::uno::RuntimeException&)
+        {
+            // GetUserNameEx may fail in some cases (e.g., for built-in AD domain
+            // administrator account on non-DC systems), where GetUserName will
+            // still give a name.
+            DWORD nSize = UNLEN + 1;
+            auto pNameBuf(std::make_unique<wchar_t[]>(nSize));
+            if (!GetUserNameW(pNameBuf.get(), &nSize))
+                throw css::uno::RuntimeException();
+            m_sName = o3tl::toU(pNameBuf.get());
+        }
+    }
+
+    virtual OUString GetGivenName() override { return m_sName; }
+
+private:
+    OUString m_sName;
+};
+}
+
+namespace extensions
+{
+namespace config
+{
+namespace WinUserInfo
+{
+WinUserInfoBe::WinUserInfoBe()
+    : WinUserInfoMutexHolder()
+    , BackendBase(mMutex)
+{
+    try
+    {
+        m_pImpl.reset(new ADsUserAccess());
+    }
+    catch (css::uno::RuntimeException&)
+    {
+        m_pImpl.reset(new SysInfoUserAccess);
+    }
+}
+
+WinUserInfoBe::~WinUserInfoBe() {}
+
+void WinUserInfoBe::setPropertyValue(OUString const&, css::uno::Any const&)
+{
+    throw css::lang::IllegalArgumentException("setPropertyValue not supported",
+                                              static_cast<cppu::OWeakObject*>(this), -1);
+}
+
+css::uno::Any WinUserInfoBe::getPropertyValue(OUString const& PropertyName)
+{
+    OUString sValue;
+    // Only process the first argument of possibly multiple space- or comma-separated arguments
+    OUString sToken = PropertyName.getToken(0, ' ').getToken(0, ',');
+    if (sToken == givenname)
+    {
+        sValue = m_pImpl->GetGivenName();
+    }
+    else if (sToken == sn)
+    {
+        sValue = m_pImpl->GetSn();
+    }
+    else if (sToken == fathersname)
+    {
+        sValue = m_pImpl->GetFathersname();
+    }
+    else if (sToken == initials)
+    {
+        sValue = m_pImpl->GetInitials();
+    }
+    else if (sToken == street)
+    {
+        sValue = m_pImpl->GetStreet();
+    }
+    else if (sToken == l)
+    {
+        sValue = m_pImpl->GetCity();
+    }
+    else if (sToken == st)
+    {
+        sValue = m_pImpl->GetState();
+    }
+    else if (sToken == apartment)
+    {
+        sValue = m_pImpl->GetApartment();
+    }
+    else if (sToken == postalcode)
+    {
+        sValue = m_pImpl->GetPostalCode();
+    }
+    else if (sToken == c)
+    {
+        sValue = m_pImpl->GetCountry();
+    }
+    else if (sToken == o)
+    {
+        sValue = m_pImpl->GetOrganization();
+    }
+    else if (sToken == position)
+    {
+        sValue = m_pImpl->GetPosition();
+    }
+    else if (sToken == title)
+    {
+        sValue = m_pImpl->GetTitle();
+    }
+    else if (sToken == homephone)
+    {
+        sValue = m_pImpl->GetHomePhone();
+    }
+    else if (sToken == telephonenumber)
+    {
+        sValue = m_pImpl->GetTelephoneNumber();
+    }
+    else if (sToken == facsimiletelephonenumber)
+    {
+        sValue = m_pImpl->GetFaxNumber();
+    }
+    else if (sToken == mail)
+    {
+        sValue = m_pImpl->GetMail();
+    }
+    else
+        throw css::beans::UnknownPropertyException(sToken, static_cast<cppu::OWeakObject*>(this));
+
+    return css::uno::Any(css::beans::Optional<css::uno::Any>(
+        !sValue.isEmpty(), sValue.isEmpty() ? css::uno::Any() : css::uno::Any(sValue)));
+}
+
+OUString SAL_CALL WinUserInfoBe::getImplementationName()
+{
+    return "com.sun.star.comp.configuration.backend.WinUserInfoBe";
+}
+
+sal_Bool SAL_CALL WinUserInfoBe::supportsService(const OUString& aServiceName)
+{
+    return cppu::supportsService(this, aServiceName);
+}
+
+css::uno::Sequence<OUString> SAL_CALL WinUserInfoBe::getSupportedServiceNames()
+{
+    return { "com.sun.star.configuration.backend.WinUserInfoBe" };
+}
+}
+}
+}
+
+extern "C" SAL_DLLPUBLIC_EXPORT css::uno::XInterface*
+extensions_WinUserInfoBe_get_implementation(css::uno::XComponentContext*,
+                                            css::uno::Sequence<css::uno::Any> const&)
+{
+    return cppu::acquire(new extensions::config::WinUserInfo::WinUserInfoBe());
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/extensions/source/config/WinUserInfo/WinUserInfoBe.hxx b/extensions/source/config/WinUserInfo/WinUserInfoBe.hxx
new file mode 100644
index 000000000..30ca088c3
--- /dev/null
+++ b/extensions/source/config/WinUserInfo/WinUserInfoBe.hxx
@@ -0,0 +1,101 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#pragma once
+
+#include <com/sun/star/beans/XPropertySet.hpp>
+#include <com/sun/star/lang/XServiceInfo.hpp>
+#include <cppuhelper/compbase.hxx>
+#include <memory>
+
+namespace com
+{
+namespace sun
+{
+namespace star
+{
+namespace uno
+{
+class XComponentContext;
+}
+}
+}
+}
+
+namespace extensions
+{
+namespace config
+{
+namespace WinUserInfo
+{
+class WinUserInfoBe_Impl;
+
+typedef cppu::WeakComponentImplHelper<css::beans::XPropertySet, css::lang::XServiceInfo>
+    BackendBase;
+
+struct WinUserInfoMutexHolder
+{
+    osl::Mutex mMutex;
+};
+/**
+  Implements the PlatformBackend service, a specialization of the
+  XPropertySet service for retrieving Active Directory user profile
+  configuration settings.
+*/
+class WinUserInfoBe : private WinUserInfoMutexHolder, public BackendBase
+{
+public:
+    explicit WinUserInfoBe();
+    virtual ~WinUserInfoBe() override;
+
+    // XServiceInfo
+    virtual OUString SAL_CALL getImplementationName() override;
+
+    virtual sal_Bool SAL_CALL supportsService(const OUString& aServiceName) override;
+
+    virtual css::uno::Sequence<OUString> SAL_CALL getSupportedServiceNames() override;
+
+    // XPropertySet
+    virtual css::uno::Reference<css::beans::XPropertySetInfo> SAL_CALL getPropertySetInfo() override
+    {
+        return css::uno::Reference<css::beans::XPropertySetInfo>();
+    }
+
+    virtual void SAL_CALL setPropertyValue(OUString const&, css::uno::Any const&) override;
+
+    virtual css::uno::Any SAL_CALL getPropertyValue(OUString const& PropertyName) override;
+
+    virtual void SAL_CALL addPropertyChangeListener(
+        OUString const&, css::uno::Reference<css::beans::XPropertyChangeListener> const&) override
+    {
+    }
+
+    virtual void SAL_CALL removePropertyChangeListener(
+        OUString const&, css::uno::Reference<css::beans::XPropertyChangeListener> const&) override
+    {
+    }
+
+    virtual void SAL_CALL addVetoableChangeListener(
+        OUString const&, css::uno::Reference<css::beans::XVetoableChangeListener> const&) override
+    {
+    }
+
+    virtual void SAL_CALL removeVetoableChangeListener(
+        OUString const&, css::uno::Reference<css::beans::XVetoableChangeListener> const&) override
+    {
+    }
+
+private:
+    std::unique_ptr<WinUserInfoBe_Impl> m_pImpl;
+};
+}
+}
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/extensions/source/config/ldap/ldapaccess.cxx b/extensions/source/config/ldap/ldapaccess.cxx
new file mode 100644
index 000000000..7e35408b3
--- /dev/null
+++ b/extensions/source/config/ldap/ldapaccess.cxx
@@ -0,0 +1,289 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ *   Licensed to the Apache Software Foundation (ASF) under one or more
+ *   contributor license agreements. See the NOTICE file distributed
+ *   with this work for additional information regarding copyright
+ *   ownership. The ASF licenses this file to you under the Apache
+ *   License, Version 2.0 (the "License"); you may not use this file
+ *   except in compliance with the License. You may obtain a copy of
+ *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+#include "ldapaccess.hxx"
+
+#include <osl/diagnose.h>
+#include <o3tl/char16_t2wchar_t.hxx>
+
+#include <com/sun/star/ldap/LdapConnectionException.hpp>
+
+
+namespace extensions::config::ldap {
+
+
+typedef int LdapErrCode;
+
+struct LdapMessageHolder
+{
+    LdapMessageHolder() : msg(nullptr) {}
+    ~LdapMessageHolder()
+    {
+        if (msg)
+            ldap_msgfree(msg);
+    }
+    LdapMessageHolder(const LdapMessageHolder&) = delete;
+    LdapMessageHolder& operator=(const LdapMessageHolder&) = delete;
+
+    LDAPMessage * msg;
+};
+
+LdapConnection::~LdapConnection()
+{
+    if (isValid()) disconnect();
+}
+
+
+void LdapConnection::disconnect()
+{
+    if (mConnection != nullptr)
+    {
+        ldap_unbind_s(mConnection) ;
+        mConnection = nullptr;
+    }
+}
+
+
+static void checkLdapReturnCode(const char *aOperation,
+                                LdapErrCode aRetCode)
+{
+    if (aRetCode == LDAP_SUCCESS) { return ; }
+
+    OUString message;
+
+    if (aOperation != nullptr)
+    {
+        message += OUString::createFromAscii(aOperation) + ": ";
+    }
+    message += OUString::createFromAscii(ldap_err2string(aRetCode)) + " (" ;
+
+#ifndef LDAP_OPT_SIZELIMIT // for use with OpenLDAP
+    char* stub = nullptr;
+    ldap_get_lderrno(aConnection, NULL, &stub) ;
+    if (stub != nullptr)
+    {
+        message += OUString::createFromAscii(stub) ;
+        // It would seem the message returned is actually
+        // not a copy of a string but rather some static
+        // string itself. At any rate freeing it seems to
+        // cause some undue problems at least on Windows.
+        // This call is thus disabled for the moment.
+        //ldap_memfree(stub) ;
+    }
+    else
+#endif
+    { message += "No additional information"; }
+
+    message += ")" ;
+    throw ldap::LdapGenericException(message, nullptr, aRetCode) ;
+}
+
+void  LdapConnection::connectSimple(const LdapDefinition& aDefinition)
+{
+    OSL_ENSURE(!isValid(), "Re-connecting to an LDAP connection that is already established");
+    if (isValid()) disconnect();
+
+    mLdapDefinition = aDefinition;
+    connectSimple();
+}
+
+void  LdapConnection::connectSimple()
+{
+    if (isValid())
+        return;
+
+    // Connect to the server
+    initConnection() ;
+    // Set Protocol V3
+    int version = LDAP_VERSION3;
+    ldap_set_option(mConnection,
+                    LDAP_OPT_PROTOCOL_VERSION,
+                    &version);
+
+#ifdef LDAP_X_OPT_CONNECT_TIMEOUT // OpenLDAP doesn't support this and the func
+    /* timeout is specified in milliseconds -> 4 seconds*/
+    int timeout = 4000;
+#ifdef _WIN32
+    ldap_set_optionW( mConnection,
+                    LDAP_X_OPT_CONNECT_TIMEOUT,
+                    &timeout );
+#else
+    ldap_set_option( mConnection,
+                    LDAP_X_OPT_CONNECT_TIMEOUT,
+                    &timeout );
+#endif
+#endif
+
+    // Do the bind
+#ifdef _WIN32
+    LdapErrCode retCode = ldap_simple_bind_sW(mConnection,
+                                           const_cast<PWSTR>(o3tl::toW(mLdapDefinition.mAnonUser.getStr())),
+                                           const_cast<PWSTR>(o3tl::toW(mLdapDefinition.mAnonCredentials.getStr())) );
+#else
+    LdapErrCode retCode = ldap_simple_bind_s(mConnection,
+                                           OUStringToOString( mLdapDefinition.mAnonUser, RTL_TEXTENCODING_UTF8 ).getStr(),
+                                           OUStringToOString( mLdapDefinition.mAnonCredentials, RTL_TEXTENCODING_UTF8 ).getStr()) ;
+#endif
+
+    checkLdapReturnCode("SimpleBind", retCode) ;
+}
+
+void LdapConnection::initConnection()
+{
+    if (mLdapDefinition.mServer.isEmpty())
+    {
+        throw ldap::LdapConnectionException("Cannot initialise connection to LDAP: No server specified.");
+    }
+
+    if (mLdapDefinition.mPort == 0) mLdapDefinition.mPort = LDAP_PORT;
+
+#ifdef _WIN32
+    mConnection = ldap_initW(const_cast<PWSTR>(o3tl::toW(mLdapDefinition.mServer.getStr())),
+                            mLdapDefinition.mPort) ;
+#else
+    mConnection = ldap_init(OUStringToOString( mLdapDefinition.mServer, RTL_TEXTENCODING_UTF8 ).getStr(),
+                            mLdapDefinition.mPort) ;
+#endif
+    if (mConnection == nullptr)
+    {
+        throw ldap::LdapConnectionException(
+            "Cannot initialise connection to LDAP server "
+            + mLdapDefinition.mServer + ":" + OUString::number(mLdapDefinition.mPort));
+    }
+}
+
+ void LdapConnection::getUserProfile(
+     const OUString& aUser, LdapData * data)
+{
+    OSL_ASSERT(data != nullptr);
+    if (!isValid()) { connectSimple(); }
+
+    OUString aUserDn =findUserDn( aUser );
+
+    LdapMessageHolder result;
+#ifdef _WIN32
+    LdapErrCode retCode = ldap_search_sW(mConnection,
+                                      const_cast<PWSTR>(o3tl::toW(aUserDn.getStr())),
+                                      LDAP_SCOPE_BASE,
+                                      const_cast<PWSTR>( L"(objectclass=*)" ),
+                                      nullptr,
+                                      0, // Attributes + values
+                                      &result.msg) ;
+#else
+    LdapErrCode retCode = ldap_search_s(mConnection,
+                                      OUStringToOString( aUserDn, RTL_TEXTENCODING_UTF8 ).getStr(),
+                                      LDAP_SCOPE_BASE,
+                                      "(objectclass=*)",
+                                      nullptr,
+                                      0, // Attributes + values
+                                      &result.msg) ;
+#endif
+    checkLdapReturnCode("getUserProfile", retCode) ;
+
+    BerElement * ptr;
+#ifdef _WIN32
+    PWCHAR attr = ldap_first_attributeW(mConnection, result.msg, &ptr);
+    while (attr) {
+        PWCHAR * values = ldap_get_valuesW(mConnection, result.msg, attr);
+        if (values) {
+            const OUString aAttr( o3tl::toU( attr ) );
+            const OUString aValues( o3tl::toU( *values ) );
+            data->emplace( aAttr, aValues );
+            ldap_value_freeW(values);
+        }
+        attr = ldap_next_attributeW(mConnection, result.msg, ptr);
+#else
+    char * attr = ldap_first_attribute(mConnection, result.msg, &ptr);
+    while (attr) {
+        char ** values = ldap_get_values(mConnection, result.msg, attr);
+        if (values) {
+            data->emplace(
+                    OStringToOUString(attr, RTL_TEXTENCODING_ASCII_US),
+                    OStringToOUString(*values, RTL_TEXTENCODING_UTF8));
+            ldap_value_free(values);
+        }
+        attr = ldap_next_attribute(mConnection, result.msg, ptr);
+#endif
+    }
+}
+
+ OUString LdapConnection::findUserDn(const OUString& aUser)
+{
+    if (!isValid()) { connectSimple(); }
+
+    if (aUser.isEmpty())
+    {
+        throw lang::IllegalArgumentException(
+            "LdapConnection::findUserDn -User id is empty",
+                nullptr, 0) ;
+    }
+
+    OUString filter = "(&(objectclass="
+                    + mLdapDefinition.mUserObjectClass
+                    + ")("
+                    + mLdapDefinition.mUserUniqueAttr
+                    + "="
+                    + aUser
+                    + "))";
+
+    LdapMessageHolder result;
+#ifdef _WIN32
+    PWCHAR attributes [2] = { const_cast<PWCHAR>( L"1.1" ), nullptr };
+    LdapErrCode retCode = ldap_search_sW(mConnection,
+                                      const_cast<PWSTR>(o3tl::toW(mLdapDefinition.mBaseDN.getStr())),
+                                      LDAP_SCOPE_SUBTREE,
+                                      const_cast<PWSTR>(o3tl::toW(filter.getStr())), attributes, 0, &result.msg) ;
+#else
+    char * attributes [2] = { const_cast<char *>(LDAP_NO_ATTRS), nullptr };
+    LdapErrCode retCode = ldap_search_s(mConnection,
+                                      OUStringToOString( mLdapDefinition.mBaseDN, RTL_TEXTENCODING_UTF8 ).getStr(),
+                                      LDAP_SCOPE_SUBTREE,
+                                      OUStringToOString( filter, RTL_TEXTENCODING_UTF8 ).getStr(), attributes, 0, &result.msg) ;
+#endif
+    checkLdapReturnCode("FindUserDn", retCode) ;
+    OUString userDn ;
+    LDAPMessage *entry = ldap_first_entry(mConnection, result.msg) ;
+
+    if (entry != nullptr)
+    {
+#ifdef _WIN32
+        PWCHAR charsDn = ldap_get_dnW(mConnection, entry) ;
+
+        userDn = OUString( o3tl::toU( charsDn ) );
+        ldap_memfreeW(charsDn) ;
+#else
+        char *charsDn = ldap_get_dn(mConnection, entry) ;
+
+        userDn = OStringToOUString( charsDn, RTL_TEXTENCODING_UTF8 );
+        ldap_memfree(charsDn) ;
+#endif
+    }
+    else
+    {
+        OSL_FAIL( "LdapConnection::findUserDn-could not get DN for User ");
+    }
+
+    return userDn ;
+}
+
+
+} // extensions::config::ldap
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/extensions/source/config/ldap/ldapaccess.hxx b/extensions/source/config/ldap/ldapaccess.hxx
new file mode 100644
index 000000000..36a0708b1
--- /dev/null
+++ b/extensions/source/config/ldap/ldapaccess.hxx
@@ -0,0 +1,133 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ *   Licensed to the Apache Software Foundation (ASF) under one or more
+ *   contributor license agreements. See the NOTICE file distributed
+ *   with this work for additional information regarding copyright
+ *   ownership. The ASF licenses this file to you under the Apache
+ *   License, Version 2.0 (the "License"); you may not use this file
+ *   except in compliance with the License. You may obtain a copy of
+ *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+#pragma once
+
+#include <sal/config.h>
+
+#include <map>
+
+#ifdef _WIN32
+#if !defined WIN32_LEAN_AND_MEAN
+#define WIN32_LEAN_AND_MEAN
+#endif
+#include <windows.h>
+#include <winldap.h>
+#else // !defined _WIN32
+#include <ldap.h>
+#endif // _WIN32
+
+#include <com/sun/star/ldap/LdapGenericException.hpp>
+
+#include <com/sun/star/lang/IllegalArgumentException.hpp>
+
+namespace extensions::config::ldap
+{
+namespace uno = css::uno;
+namespace lang = css::lang;
+namespace ldap = css::ldap;
+
+struct LdapUserProfile;
+
+/** Struct containing the information on LDAP connection */
+struct LdapDefinition
+{
+    /** LDAP server name */
+    OUString mServer;
+    /** LDAP server port number */
+    sal_Int32 mPort;
+    /** Repository base DN */
+    OUString mBaseDN;
+    /** DN to use for "anonymous" connection */
+    OUString mAnonUser;
+    /** Credentials to use for "anonymous" connection */
+    OUString mAnonCredentials;
+    /** User Entity Object Class */
+    OUString mUserObjectClass;
+    /** User Entity Unique Attribute */
+    OUString mUserUniqueAttr;
+
+    LdapDefinition()
+        : mPort(0)
+    {
+    }
+};
+
+typedef std::map<OUString, OUString> LdapData; // key/value pairs
+
+/** Class encapsulating all LDAP functionality */
+class LdapConnection
+{
+    friend struct LdapMessageHolder;
+
+public:
+    /** Default constructor */
+    LdapConnection()
+        : mConnection(nullptr)
+        , mLdapDefinition()
+    {
+    }
+    /** Destructor, releases the connection */
+    ~LdapConnection();
+    /** Make connection to LDAP server
+        @throws ldap::LdapConnectionException
+        @throws ldap::LdapGenericException
+    */
+    void connectSimple(const LdapDefinition& aDefinition);
+
+    /**
+        Gets LdapUserProfile from LDAP repository for specified user
+        @param aUser    name of logged on user
+        @param aUserProfileMap  Map containing LDAP->00o mapping
+       @param aUserProfile     struct for holding OOo values
+
+         @throws css::ldap::LdapGenericException
+                  if an LDAP error occurs.
+    */
+    void getUserProfile(const OUString& aUser, LdapData* data);
+
+    /** finds DN of user
+        @return  DN of User
+        @throws lang::IllegalArgumentException
+        @throws ldap::LdapConnectionException
+        @throws ldap::LdapGenericException
+    */
+    OUString findUserDn(const OUString& aUser);
+
+private:
+    /// @throws ldap::LdapConnectionException
+    void initConnection();
+    void disconnect();
+    /**
+      Indicates whether the connection is in a valid state.
+      @return   sal_True if connection is valid, sal_False otherwise
+      */
+    bool isValid() const { return mConnection != nullptr; }
+
+    /// @throws ldap::LdapConnectionException
+    /// @throws ldap::LdapGenericException
+    void connectSimple();
+
+    /** LDAP connection object */
+    LDAP* mConnection;
+    LdapDefinition mLdapDefinition;
+};
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/extensions/source/config/ldap/ldapbe2.component b/extensions/source/config/ldap/ldapbe2.component
new file mode 100644
index 000000000..8f6ea3f80
--- /dev/null
+++ b/extensions/source/config/ldap/ldapbe2.component
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ *   Licensed to the Apache Software Foundation (ASF) under one or more
+ *   contributor license agreements. See the NOTICE file distributed
+ *   with this work for additional information regarding copyright
+ *   ownership. The ASF licenses this file to you under the Apache
+ *   License, Version 2.0 (the "License"); you may not use this file
+ *   except in compliance with the License. You may obtain a copy of
+ *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ -->
+
+<component loader="com.sun.star.loader.SharedLibrary" environment="@CPPU_ENV@"
+    xmlns="http://openoffice.org/2010/uno-components">
+  <implementation name="com.sun.star.comp.configuration.backend.LdapUserProfileBe"
+    constructor="extensions_ldp_LdapUserProfileBe_get_implementation">
+    <service name="com.sun.star.configuration.backend.LdapUserProfileBe"/>
+  </implementation>
+</component>
diff --git a/extensions/source/config/ldap/ldapuserprofilebe.cxx b/extensions/source/config/ldap/ldapuserprofilebe.cxx
new file mode 100644
index 000000000..2012afd8b
--- /dev/null
+++ b/extensions/source/config/ldap/ldapuserprofilebe.cxx
@@ -0,0 +1,214 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ *   Licensed to the Apache Software Foundation (ASF) under one or more
+ *   contributor license agreements. See the NOTICE file distributed
+ *   with this work for additional information regarding copyright
+ *   ownership. The ASF licenses this file to you under the Apache
+ *   License, Version 2.0 (the "License"); you may not use this file
+ *   except in compliance with the License. You may obtain a copy of
+ *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+#include "ldapaccess.hxx"
+#include "ldapuserprofilebe.hxx"
+#include <sal/log.hxx>
+#include <tools/diagnose_ex.h>
+
+#include <rtl/instance.hxx>
+#include <com/sun/star/beans/NamedValue.hpp>
+#include <com/sun/star/beans/Optional.hpp>
+#include <com/sun/star/configuration/theDefaultProvider.hpp>
+#include <comphelper/scopeguard.hxx>
+#include <cppuhelper/supportsservice.hxx>
+#include <osl/security.hxx>
+
+
+namespace extensions::config::ldap {
+
+LdapUserProfileBe::LdapUserProfileBe( const uno::Reference<uno::XComponentContext>& xContext)
+: BackendBase(m_aMutex)
+{
+    LdapDefinition aDefinition;
+    OUString loggedOnUser;
+    // true initially to handle reentrant call; will become false if readLdapConfiguration fails
+    bool bHaveLdapConfiguration = true;
+
+    // This whole rigmarole is to prevent an infinite recursion where reading
+    // the configuration for the backend would create another instance of the
+    // backend, which would try and read the configuration which would...
+    {
+        osl::Mutex & aInitMutex = rtl::Static< osl::Mutex, LdapUserProfileBe >::get();
+        osl::MutexGuard aInitGuard(aInitMutex);
+
+        static bool bReentrantCall; // = false
+        OSL_ENSURE(!bReentrantCall, "configuration: Ldap Backend constructor called reentrantly - probably a registration error.");
+
+        if (!bReentrantCall)
+        {
+            bReentrantCall = true ;
+            comphelper::ScopeGuard aReentrantCallGuard([]() { bReentrantCall = false; });
+            // Don't throw on fail: this will crash if LDAP is misconfigured, and user opens
+            // Expert Configuration dialog. Instead, just don't fill data_, which will make the
+            // backend return empty values. This happens in SvtUserOptions::Impl::GetValue_Impl
+            // anyway even in throwing scenario, but doing it here also improves performance
+            // because of avoiding repeated attempts to create the backend.
+            bHaveLdapConfiguration = readLdapConfiguration(
+                xContext, &aDefinition, &loggedOnUser);
+            if (!bHaveLdapConfiguration)
+                SAL_WARN("extensions.config", "LdapUserProfileBackend: LDAP not configured");
+        }
+    }
+
+    if (bHaveLdapConfiguration)
+    {
+        LdapConnection connection;
+        connection.connectSimple(aDefinition);
+        connection.getUserProfile(loggedOnUser, &data_);
+    }
+}
+
+LdapUserProfileBe::~LdapUserProfileBe()
+{
+}
+
+
+bool LdapUserProfileBe::readLdapConfiguration(
+    css::uno::Reference< css::uno::XComponentContext > const & context,
+    LdapDefinition * definition, OUString * loggedOnUser)
+{
+    OSL_ASSERT(context.is() && definition != nullptr && loggedOnUser != nullptr);
+
+    uno::Reference< XInterface > xIface;
+    try
+    {
+        uno::Reference< lang::XMultiServiceFactory > xCfgProvider(
+            css::configuration::theDefaultProvider::get(context));
+
+        css::beans::NamedValue aPath("nodepath", uno::Any(OUString("org.openoffice.LDAP/UserDirectory")) );
+
+        uno::Sequence< uno::Any > aArgs{ uno::Any(aPath) };
+
+        xIface = xCfgProvider->createInstanceWithArguments("com.sun.star.configuration.ConfigurationAccess", aArgs);
+
+        uno::Reference<container::XNameAccess > xAccess(xIface, uno::UNO_QUERY_THROW);
+        xAccess->getByName("ServerDefinition") >>= xIface;
+
+        uno::Reference<container::XNameAccess > xChildAccess(xIface, uno::UNO_QUERY_THROW);
+
+        if (!getLdapStringParam(xChildAccess, "Server", definition->mServer))
+            return false;
+        if (!getLdapStringParam(xChildAccess, "BaseDN", definition->mBaseDN))
+            return false;
+
+        definition->mPort=0;
+        xChildAccess->getByName("Port") >>= definition->mPort ;
+        if (definition->mPort == 0)
+            return false;
+
+        if (!getLdapStringParam(xAccess, "UserObjectClass", definition->mUserObjectClass))
+            return false;
+        if (!getLdapStringParam(xAccess, "UserUniqueAttribute", definition->mUserUniqueAttr))
+            return false;
+
+        getLdapStringParam(xAccess, "SearchUser", definition->mAnonUser);
+        getLdapStringParam(xAccess, "SearchPassword", definition->mAnonCredentials);
+    }
+    catch (const uno::Exception&)
+    {
+        TOOLS_WARN_EXCEPTION("extensions.config", "LdapUserProfileBackend: access to configuration data failed");
+        return false;
+    }
+
+    osl::Security aSecurityContext;
+    if (!aSecurityContext.getUserName(*loggedOnUser))
+        SAL_WARN("extensions.config", "LdapUserProfileBackend - could not get Logged on user from system");
+
+    sal_Int32 nIndex = loggedOnUser->indexOf('/');
+    if (nIndex > 0)
+        *loggedOnUser = loggedOnUser->copy(nIndex+1);
+
+    return true;
+}
+
+
+bool LdapUserProfileBe::getLdapStringParam(
+    uno::Reference<container::XNameAccess> const & xAccess,
+    const OUString& aLdapSetting,
+    OUString& aServerParameter)
+{
+    xAccess->getByName(aLdapSetting) >>= aServerParameter;
+
+    return !aServerParameter.isEmpty();
+}
+
+void LdapUserProfileBe::setPropertyValue(
+    OUString const &, css::uno::Any const &)
+{
+    throw css::lang::IllegalArgumentException(
+        "setPropertyValue not supported",
+        static_cast< cppu::OWeakObject * >(this), -1);
+}
+
+css::uno::Any LdapUserProfileBe::getPropertyValue(
+    OUString const & PropertyName)
+{
+    for (sal_Int32 i = 0;;) {
+        sal_Int32 j = PropertyName.indexOf(',', i);
+        if (j == -1) {
+            j = PropertyName.getLength();
+        }
+        if (j == i) {
+            throw css::beans::UnknownPropertyException(
+                PropertyName, static_cast< cppu::OWeakObject * >(this));
+        }
+        LdapData::iterator k(data_.find(PropertyName.copy(i, j - i)));
+        if (k != data_.end()) {
+            return css::uno::Any(
+                css::beans::Optional< css::uno::Any >(
+                    true, css::uno::Any(k->second)));
+        }
+        if (j == PropertyName.getLength()) {
+            break;
+        }
+        i = j + 1;
+    }
+    return css::uno::Any(css::beans::Optional< css::uno::Any >());
+}
+
+
+OUString SAL_CALL LdapUserProfileBe::getImplementationName()
+{
+    return "com.sun.star.comp.configuration.backend.LdapUserProfileBe";
+}
+
+sal_Bool SAL_CALL LdapUserProfileBe::supportsService(const OUString& aServiceName)
+{
+    return cppu::supportsService(this, aServiceName);
+}
+
+uno::Sequence<OUString>
+SAL_CALL LdapUserProfileBe::getSupportedServiceNames()
+{
+    return { "com.sun.star.configuration.backend.LdapUserProfileBe" };
+}
+
+}
+
+extern "C" SAL_DLLPUBLIC_EXPORT css::uno::XInterface*
+extensions_ldp_LdapUserProfileBe_get_implementation(
+    css::uno::XComponentContext* context , css::uno::Sequence<css::uno::Any> const&)
+{
+    return cppu::acquire(new extensions::config::ldap::LdapUserProfileBe(context));
+}
+
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/extensions/source/config/ldap/ldapuserprofilebe.hxx b/extensions/source/config/ldap/ldapuserprofilebe.hxx
new file mode 100644
index 000000000..2f0536532
--- /dev/null
+++ b/extensions/source/config/ldap/ldapuserprofilebe.hxx
@@ -0,0 +1,113 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ *   Licensed to the Apache Software Foundation (ASF) under one or more
+ *   contributor license agreements. See the NOTICE file distributed
+ *   with this work for additional information regarding copyright
+ *   ownership. The ASF licenses this file to you under the Apache
+ *   License, Version 2.0 (the "License"); you may not use this file
+ *   except in compliance with the License. You may obtain a copy of
+ *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+#pragma once
+
+#include <com/sun/star/beans/XPropertySet.hpp>
+#include <com/sun/star/lang/XServiceInfo.hpp>
+#include <com/sun/star/container/XNameAccess.hpp>
+#include <cppuhelper/compbase.hxx>
+#include <cppuhelper/basemutex.hxx>
+
+#include "ldapaccess.hxx"
+
+namespace com::sun::star::uno {
+    class XComponentContext;
+}
+
+namespace extensions::config::ldap {
+
+namespace uno = css::uno ;
+namespace lang = css::lang ;
+namespace container = css::container;
+
+struct LdapDefinition;
+
+typedef cppu::WeakComponentImplHelper<css::beans::XPropertySet,
+                                       lang::XServiceInfo> BackendBase ;
+
+/**
+  Implements the PlatformBackend service, a specialization of the
+  XPropertySet service for retrieving LDAP user profile
+  configuration settings from an LDAP repository.
+  */
+class LdapUserProfileBe : private cppu::BaseMutex, public BackendBase
+{
+    public:
+
+        explicit LdapUserProfileBe(const uno::Reference<uno::XComponentContext>& xContext);
+        virtual ~LdapUserProfileBe() override ;
+
+        // XServiceInfo
+        virtual OUString SAL_CALL
+            getImplementationName(  ) override ;
+
+        virtual sal_Bool SAL_CALL
+            supportsService( const OUString& aServiceName ) override ;
+
+        virtual uno::Sequence<OUString> SAL_CALL
+            getSupportedServiceNames(  ) override ;
+
+        // XPropertySet
+        virtual css::uno::Reference< css::beans::XPropertySetInfo > SAL_CALL
+        getPropertySetInfo() override
+        { return css::uno::Reference< css::beans::XPropertySetInfo >(); }
+
+        virtual void SAL_CALL setPropertyValue(
+            OUString const &, css::uno::Any const &) override;
+
+        virtual css::uno::Any SAL_CALL getPropertyValue(
+            OUString const & PropertyName) override;
+
+        virtual void SAL_CALL addPropertyChangeListener(
+            OUString const &,
+            css::uno::Reference< css::beans::XPropertyChangeListener > const &) override
+        {}
+
+        virtual void SAL_CALL removePropertyChangeListener(
+            OUString const &,
+            css::uno::Reference< css::beans::XPropertyChangeListener > const &) override
+        {}
+
+        virtual void SAL_CALL addVetoableChangeListener(
+            OUString const &,
+            css::uno::Reference< css::beans::XVetoableChangeListener > const &) override
+        {}
+
+        virtual void SAL_CALL removeVetoableChangeListener(
+            OUString const &,
+            css::uno::Reference< css::beans::XVetoableChangeListener > const &) override
+        {}
+
+    private:
+        /** Check if LDAP is configured */
+        static bool readLdapConfiguration(
+            uno::Reference<uno::XComponentContext> const & context,
+            LdapDefinition * definition, OUString * loggedOnUser);
+
+        static bool getLdapStringParam(uno::Reference<container::XNameAccess> const & xAccess,
+                                const OUString& aLdapSetting,
+                                OUString& aServerParameter);
+
+    LdapData data_;
+} ;
+
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */