From b7a675c9505f6b6c27902bc6a157967d68023602 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Thu, 26 Dec 2013 11:00:13 +0000
Subject: [PATCH] fixed password setting for AD

---
 lam/lib/modules/posixGroup.inc        | 20 +++++++++++---------
 lam/lib/modules/windowsPosixGroup.inc |  4 ++--
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc
index 083d347d..d7fa1637 100644
--- a/lam/lib/modules/posixGroup.inc
+++ b/lam/lib/modules/posixGroup.inc
@@ -45,6 +45,8 @@ class posixGroup extends baseModule implements passwordService {
 	protected $manageCnAttribute = true;
 	/** specifies if the description attribute should be managed by this module */
 	protected $manageDescriptionAttribute = true;
+	/** password attribute */
+	protected $passwordAttrName = 'userPassword';
 	/** cache for existing GID numbers */
 	private $cachedGIDList = null;
 	/** cache for existing users and their GIDs */
@@ -113,7 +115,7 @@ class posixGroup extends baseModule implements passwordService {
 			// password
 			if ($rawAccounts[$i][$ids['posixGroup_password']] != "") {
 				if (get_preg($rawAccounts[$i][$ids['posixGroup_password']], 'password')) {
-					$partialAccounts[$i]['userPassword'] = pwd_hash($rawAccounts[$i][$ids['posixGroup_password']], true, $this->moduleSettings['posixAccount_pwdHash'][0]);
+					$partialAccounts[$i][$this->passwordAttrName] = pwd_hash($rawAccounts[$i][$ids['posixGroup_password']], true, $this->moduleSettings['posixAccount_pwdHash'][0]);
 				}
 				else {
 					$error_messages[] = $this->messages['userPassword'][1];
@@ -199,10 +201,10 @@ class posixGroup extends baseModule implements passwordService {
 				$return->addElement(new htmlTableExtendedInputField(_('Description'), 'description', $description, 'description'), true);
 			}
 			// password buttons
-			if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
+			if (checkIfWriteAccessIsAllowed() && isset($this->attributes[$this->passwordAttrName][0])) {
 				$return->addElement(new htmlOutputText(_('Password')));
 				$pwdContainer = new htmlTable();
-				if (pwd_is_enabled($this->attributes['userPassword'][0])) {
+				if (pwd_is_enabled($this->attributes[$this->passwordAttrName][0])) {
 					$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
 				}
 				else {
@@ -369,7 +371,7 @@ class posixGroup extends baseModule implements passwordService {
 		// LDAP aliases
 		$return['LDAPaliases'] = array('commonName' => 'cn');
 		// managed attributes
-		$return['attributes'] = array('gidNumber', 'userPassword', 'memberUid');
+		$return['attributes'] = array('gidNumber', $this->passwordAttrName, 'memberUid');
 		if ($this->manageCnAttribute) {
 			$return['attributes'][] = 'cn';
 		}
@@ -474,7 +476,7 @@ class posixGroup extends baseModule implements passwordService {
 				"Text" => _("Users who will become member of the current group. User names are separated by semicolons.")
 			),
 			'password' => array(
-				"Headline" => _("Group password"), 'attr' => 'userPassword',
+				"Headline" => _("Group password"), 'attr' => $this->passwordAttrName,
 				"Text" => _("Sets the group password.")
 			),
 			'minMaxGID' => array(
@@ -662,13 +664,13 @@ class posixGroup extends baseModule implements passwordService {
 			$this->attributes['description'][0] = $_POST['description'];
 		}
 		if (isset($_POST['lockPassword'])) {
-			$this->attributes['userPassword'][0] = pwd_disable($this->attributes['userPassword'][0]);
+			$this->attributes[$this->passwordAttrName][0] = pwd_disable($this->attributes[$this->passwordAttrName][0]);
 		}
 		if (isset($_POST['unlockPassword'])) {
-			$this->attributes['userPassword'][0] = pwd_enable($this->attributes['userPassword'][0]);
+			$this->attributes[$this->passwordAttrName][0] = pwd_enable($this->attributes[$this->passwordAttrName][0]);
 		}
 		if (isset($_POST['removePassword'])) {
-			unset($this->attributes['userPassword']);
+			unset($this->attributes[$this->passwordAttrName]);
 		}
 		if (isset($_POST['changegids'])) $this->changegids=true;
 		else $this->changegids=false;
@@ -1013,7 +1015,7 @@ class posixGroup extends baseModule implements passwordService {
 		if (!in_array(get_class($this), $modules)) {
 			return array();
 		}
-		$this->attributes['userPassword'][0] = pwd_hash($password, true, $this->moduleSettings['posixAccount_pwdHash'][0]);
+		$this->attributes[$this->passwordAttrName][0] = pwd_hash($password, true, $this->moduleSettings['posixAccount_pwdHash'][0]);
 		return array();
 	}
 	
diff --git a/lam/lib/modules/windowsPosixGroup.inc b/lam/lib/modules/windowsPosixGroup.inc
index 43faac46..e75d058e 100644
--- a/lam/lib/modules/windowsPosixGroup.inc
+++ b/lam/lib/modules/windowsPosixGroup.inc
@@ -48,6 +48,8 @@ class windowsPosixGroup extends posixGroup {
 		// do not manage cn and description (managed by windowsGroup)
 		$this->manageCnAttribute = false;
 		$this->manageDescriptionAttribute = false;
+		// different password attribute name
+		$this->passwordAttrName = 'unixUserPassword';
 		// make optional
 		$this->autoAddObjectClasses = false;
 	}
@@ -67,8 +69,6 @@ class windowsPosixGroup extends posixGroup {
 		$return["is_base"] = false;
 		// no RDN attribute setting
 		$return["RDN"] = array();
-		// managed attributes
-		$return['attributes'] = array('gidNumber', 'userPasswordUnix', 'memberUid');
 		return $return;
 	}