password support
This commit is contained in:
Roland Gruber
parent
fa037be32a
commit
3adc50c8ac
|
|
@ -32,7 +32,7 @@ $Id$
|
||||||
*
|
*
|
||||||
* @package modules
|
* @package modules
|
||||||
*/
|
*/
|
||||||
class windowsUser extends baseModule {
|
class windowsUser extends baseModule implements passwordService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns meta data that is interpreted by parent class
|
* Returns meta data that is interpreted by parent class
|
||||||
|
|
@ -49,6 +49,8 @@ class windowsUser extends baseModule {
|
||||||
$return["account_types"] = array('user');
|
$return["account_types"] = array('user');
|
||||||
// this is a base module
|
// this is a base module
|
||||||
$return["is_base"] = true;
|
$return["is_base"] = true;
|
||||||
|
// PHP extensions
|
||||||
|
$return['extensions'] = array('iconv');
|
||||||
// RDN attribute
|
// RDN attribute
|
||||||
$return["RDN"] = array("cn" => "high");
|
$return["RDN"] = array("cn" => "high");
|
||||||
// LDAP filter
|
// LDAP filter
|
||||||
|
|
@ -137,29 +139,23 @@ class windowsUser extends baseModule {
|
||||||
// upload fields
|
// upload fields
|
||||||
$return['upload_columns'] = array(
|
$return['upload_columns'] = array(
|
||||||
array(
|
array(
|
||||||
'name' => 'windowsHost_name',
|
'name' => 'windowsUser_name',
|
||||||
'description' => _('Host name'),
|
'description' => _('User name'),
|
||||||
'help' => 'cn',
|
'help' => 'cn',
|
||||||
'example' => _('PC01'),
|
'example' => _('smiller'),
|
||||||
'required' => true
|
'required' => true
|
||||||
),
|
),
|
||||||
array(
|
array(
|
||||||
'name' => 'windowsHost_description',
|
'name' => 'windowsUser_description',
|
||||||
'description' => _('Description'),
|
'description' => _('Description'),
|
||||||
'help' => 'description',
|
'help' => 'description',
|
||||||
),
|
),
|
||||||
array(
|
array(
|
||||||
'name' => 'windowsHost_location',
|
'name' => 'windowsUser_l',
|
||||||
'description' => _('Location'),
|
'description' => _('Location'),
|
||||||
'help' => 'location',
|
'help' => 'l',
|
||||||
'example' => _('MyCity'),
|
'example' => _('MyCity'),
|
||||||
),
|
),
|
||||||
array(
|
|
||||||
'name' => 'windowsHost_managedBy',
|
|
||||||
'description' => _('Managed by'),
|
|
||||||
'help' => 'managedBy',
|
|
||||||
'example' => 'cn=user1,o=test',
|
|
||||||
),
|
|
||||||
);
|
);
|
||||||
// available PDF fields
|
// available PDF fields
|
||||||
$return['PDF_fields'] = array(
|
$return['PDF_fields'] = array(
|
||||||
|
|
@ -301,6 +297,9 @@ class windowsUser extends baseModule {
|
||||||
$this->processMultiValueInputTextField('url', $return);
|
$this->processMultiValueInputTextField('url', $return);
|
||||||
// web site
|
// web site
|
||||||
$this->attributes['wWWHomePage'][0] = $_POST['wWWHomePage'];
|
$this->attributes['wWWHomePage'][0] = $_POST['wWWHomePage'];
|
||||||
|
if ($this->getAccountContainer()->isNewAccount) {
|
||||||
|
$this->attributes['userAccountControl'][0] = 512;
|
||||||
|
}
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -317,12 +316,12 @@ class windowsUser extends baseModule {
|
||||||
$errors = array();
|
$errors = array();
|
||||||
for ($i = 0; $i < sizeof($rawAccounts); $i++) {
|
for ($i = 0; $i < sizeof($rawAccounts); $i++) {
|
||||||
// add object class
|
// add object class
|
||||||
if (!in_array('computer', $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = 'computer';
|
if (!in_array('user', $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = 'user';
|
||||||
// cn + sAMAccountName
|
// cn + sAMAccountName
|
||||||
if ($rawAccounts[$i][$ids['windowsHost_name']] != "") {
|
if ($rawAccounts[$i][$ids['windowsUser_name']] != "") {
|
||||||
if (get_preg($rawAccounts[$i][$ids['windowsHost_name']], 'hostname')) {
|
if (get_preg($rawAccounts[$i][$ids['windowsUser_name']], 'username')) {
|
||||||
$partialAccounts[$i]['cn'] = $rawAccounts[$i][$ids['windowsHost_name']];
|
$partialAccounts[$i]['cn'] = $rawAccounts[$i][$ids['windowsUser_name']];
|
||||||
$partialAccounts[$i]['sAMAccountName'] = $rawAccounts[$i][$ids['windowsHost_name']] . '$';
|
$partialAccounts[$i]['sAMAccountName'] = $rawAccounts[$i][$ids['windowsUser_name']] . '$';
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$errMsg = $this->messages['cn'][1];
|
$errMsg = $this->messages['cn'][1];
|
||||||
|
|
@ -331,19 +330,15 @@ class windowsUser extends baseModule {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// description
|
// description
|
||||||
if ($rawAccounts[$i][$ids['windowsHost_description']] != "") {
|
if ($rawAccounts[$i][$ids['windowsUser_description']] != "") {
|
||||||
$partialAccounts[$i]['description'] = $rawAccounts[$i][$ids['windowsHost_description']];
|
$partialAccounts[$i]['description'] = $rawAccounts[$i][$ids['windowsUser_description']];
|
||||||
}
|
}
|
||||||
// location
|
// location
|
||||||
if ($rawAccounts[$i][$ids['windowsHost_location']] != "") {
|
if ($rawAccounts[$i][$ids['windowsUser_l']] != "") {
|
||||||
$partialAccounts[$i]['location'] = $rawAccounts[$i][$ids['windowsHost_location']];
|
$partialAccounts[$i]['l'] = $rawAccounts[$i][$ids['windowsUser_l']];
|
||||||
}
|
}
|
||||||
// managed by
|
// user account
|
||||||
if ($rawAccounts[$i][$ids['windowsHost_managedBy']] != "") {
|
$partialAccounts[$i]['userAccountControl'][0] = 512;
|
||||||
$partialAccounts[$i]['managedBy'] = $rawAccounts[$i][$ids['windowsHost_managedBy']];
|
|
||||||
}
|
|
||||||
// machine trust account, no password required
|
|
||||||
$partialAccounts[$i]['userAccountControl'][0] = 4128;
|
|
||||||
}
|
}
|
||||||
return $errors;
|
return $errors;
|
||||||
}
|
}
|
||||||
|
|
@ -373,6 +368,46 @@ class windowsUser extends baseModule {
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method specifies if a module manages password attributes. The module alias will
|
||||||
|
* then appear as option in the GUI.
|
||||||
|
* <br>If the module only wants to get notified about password changes then return false.
|
||||||
|
*
|
||||||
|
* @return boolean true if this module manages password attributes
|
||||||
|
*/
|
||||||
|
public function managesPasswordAttributes() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Specifies if this module supports to force that a user must change his password on next login.
|
||||||
|
*
|
||||||
|
* @return boolean force password change supported
|
||||||
|
*/
|
||||||
|
public function supportsForcePasswordChange() {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function is called whenever the password should be changed. Account modules
|
||||||
|
* must change their password attributes only if the modules list contains their module name.
|
||||||
|
*
|
||||||
|
* @param String $password new password
|
||||||
|
* @param array $modules list of modules for which the password should be changed
|
||||||
|
* @param boolean $forcePasswordChange force the user to change his password at next login
|
||||||
|
* @return array list of error messages if any as parameter array for StatusMessage
|
||||||
|
* e.g. return arrray(array('ERROR', 'Password change failed.'))
|
||||||
|
*/
|
||||||
|
public function passwordChangeRequested($password, $modules, $forcePasswordChange) {
|
||||||
|
if (!in_array(get_class($this), $modules)) {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
$pwdBin = iconv('UTF-8', 'UTF-16LE', '"' . $password . '"');
|
||||||
|
$this->orig['unicodePwd'][0] = 'unknown';
|
||||||
|
$this->attributes['unicodePwd'][0] = $pwdBin;
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue