diff --git a/lam/lib/modules/windowsUser.inc b/lam/lib/modules/windowsUser.inc
index eec2d612..d11713b9 100644
--- a/lam/lib/modules/windowsUser.inc
+++ b/lam/lib/modules/windowsUser.inc
@@ -3022,9 +3022,6 @@ class windowsUser extends baseModule implements passwordService {
* @param array $attributes LDAP attributes
*/
private function setSelfServicePassword(&$return, $attributes) {
- if (!function_exists('ldap_modify_batch')) {
- return $this->setSelfServicePasswordCMD($return, $attributes);
- }
$newPasswordVal = self::pwdAttributeValue($_POST['windowsUser_unicodePwd']);
$oldPassword = lamDecrypt($_SESSION['selfService_clientPassword'], 'SelfService');
$oldPasswordVal = self::pwdAttributeValue($oldPassword);
@@ -3058,80 +3055,6 @@ class windowsUser extends baseModule implements passwordService {
}
}
- /**
- * Sets the user password in self service.
- * Since the change requires the old password we need to run ldapmodify for this task.
- *
- * Enter description here ...
- * @param array $return return value for checkSelfServiceOptions() (used to add message if any)
- * @param array $attributes LDAP attributes
- */
- private function setSelfServicePasswordCMD(&$return, $attributes) {
- $newPasswordVal = self::pwdAttributeValue($_POST['windowsUser_unicodePwd']);
- $oldPassword = lamDecrypt($_SESSION['selfService_clientPassword'], 'SelfService');
- $oldPasswordVal = self::pwdAttributeValue($oldPassword);
- $dn = $attributes['dn'];
- $ldif = "dn: " . $dn . "\n";
- $ldif .= "changetype: modify\n";
- $ldif .= "delete: unicodePwd\n";
- $ldif .= "unicodePwd:: " . base64_encode($oldPasswordVal) . "\n";
- $ldif .= "-\n";
- $ldif .= "add: unicodePwd\n";
- $ldif .= "unicodePwd:: " . base64_encode($newPasswordVal) . "\n";
- $ldif .= "-\n";
-
- $serverURL = $_SESSION['selfServiceProfile']->serverURL;
- $tls = '';
- if ($_SESSION['selfServiceProfile']->useTLS) {
- $tls = ' -ZZ ';
- }
- $cmd = "/usr/bin/ldapmodify -H " . $serverURL . $tls . " -D " . escapeshellarg($dn) . " -x -w " . escapeshellarg($oldPassword);
-
- $descriptorspec = array(
- 0 => array("pipe", "r"), // stdin
- 1 => array("pipe", "w"), // stout
- 2 => array("pipe", "w") // sterr
- );
- $process = proc_open($cmd, $descriptorspec, $pipes);
- if (is_resource($process)) {
- fwrite($pipes[0], $ldif);
- }
- else {
- logNewMessage(LOG_ERR, 'Unable to change password of ' . $dn . '. Calling /usr/bin/ldapmodify failed.');
- $return['messages'][] = array('ERROR', _('Unable to change password.'));
- return;
- }
- fclose($pipes[0]);
- $outputMessages = '';
- while (!feof($pipes[1])) {
- $output = fgets($pipes[1], 1024);
- if ($output != '') {
- $outputMessages .= $output;
- }
- }
- while (!feof($pipes[2])) {
- $output = fgets($pipes[2], 1024);
- if ($output != '') {
- $outputMessages .= $output;
- }
- }
- fclose($pipes[1]);
- $returnCode = proc_close($process);
- if ($returnCode != 0) {
- $outputMessages = htmlspecialchars($outputMessages);
- // Active Directory message translations
- if ((strpos($outputMessages, 'DSID-03190F80') !== false) && (strpos($outputMessages, 'unicodePwd') !== false)) {
- $outputMessages = _('Your password does not meet the password strength qualifications. Please retry with another one.') . '
' . $outputMessages;
- }
- logNewMessage(LOG_ERR, 'Changing user password failed: ' . $outputMessages);
- $return['messages'][] = array('ERROR', _('Unable to change password.'), $outputMessages);
- }
- else {
- // update session password for next page load
- $_SESSION['selfService_clientPasswordNew'] = $_POST['windowsUser_unicodePwd'];
- }
- }
-
/**
* This method specifies if a module manages password attributes. The module alias will
* then appear as option in the GUI.