fixed password setting for AD
This commit is contained in:
Roland Gruber
parent
c0da431914
commit
b7a675c950
|
|
@ -45,6 +45,8 @@ class posixGroup extends baseModule implements passwordService {
|
||||||
protected $manageCnAttribute = true;
|
protected $manageCnAttribute = true;
|
||||||
/** specifies if the description attribute should be managed by this module */
|
/** specifies if the description attribute should be managed by this module */
|
||||||
protected $manageDescriptionAttribute = true;
|
protected $manageDescriptionAttribute = true;
|
||||||
|
/** password attribute */
|
||||||
|
protected $passwordAttrName = 'userPassword';
|
||||||
/** cache for existing GID numbers */
|
/** cache for existing GID numbers */
|
||||||
private $cachedGIDList = null;
|
private $cachedGIDList = null;
|
||||||
/** cache for existing users and their GIDs */
|
/** cache for existing users and their GIDs */
|
||||||
|
|
@ -113,7 +115,7 @@ class posixGroup extends baseModule implements passwordService {
|
||||||
// password
|
// password
|
||||||
if ($rawAccounts[$i][$ids['posixGroup_password']] != "") {
|
if ($rawAccounts[$i][$ids['posixGroup_password']] != "") {
|
||||||
if (get_preg($rawAccounts[$i][$ids['posixGroup_password']], 'password')) {
|
if (get_preg($rawAccounts[$i][$ids['posixGroup_password']], 'password')) {
|
||||||
$partialAccounts[$i]['userPassword'] = pwd_hash($rawAccounts[$i][$ids['posixGroup_password']], true, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
$partialAccounts[$i][$this->passwordAttrName] = pwd_hash($rawAccounts[$i][$ids['posixGroup_password']], true, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$error_messages[] = $this->messages['userPassword'][1];
|
$error_messages[] = $this->messages['userPassword'][1];
|
||||||
|
|
@ -199,10 +201,10 @@ class posixGroup extends baseModule implements passwordService {
|
||||||
$return->addElement(new htmlTableExtendedInputField(_('Description'), 'description', $description, 'description'), true);
|
$return->addElement(new htmlTableExtendedInputField(_('Description'), 'description', $description, 'description'), true);
|
||||||
}
|
}
|
||||||
// password buttons
|
// password buttons
|
||||||
if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
|
if (checkIfWriteAccessIsAllowed() && isset($this->attributes[$this->passwordAttrName][0])) {
|
||||||
$return->addElement(new htmlOutputText(_('Password')));
|
$return->addElement(new htmlOutputText(_('Password')));
|
||||||
$pwdContainer = new htmlTable();
|
$pwdContainer = new htmlTable();
|
||||||
if (pwd_is_enabled($this->attributes['userPassword'][0])) {
|
if (pwd_is_enabled($this->attributes[$this->passwordAttrName][0])) {
|
||||||
$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
|
$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
@ -369,7 +371,7 @@ class posixGroup extends baseModule implements passwordService {
|
||||||
// LDAP aliases
|
// LDAP aliases
|
||||||
$return['LDAPaliases'] = array('commonName' => 'cn');
|
$return['LDAPaliases'] = array('commonName' => 'cn');
|
||||||
// managed attributes
|
// managed attributes
|
||||||
$return['attributes'] = array('gidNumber', 'userPassword', 'memberUid');
|
$return['attributes'] = array('gidNumber', $this->passwordAttrName, 'memberUid');
|
||||||
if ($this->manageCnAttribute) {
|
if ($this->manageCnAttribute) {
|
||||||
$return['attributes'][] = 'cn';
|
$return['attributes'][] = 'cn';
|
||||||
}
|
}
|
||||||
|
|
@ -474,7 +476,7 @@ class posixGroup extends baseModule implements passwordService {
|
||||||
"Text" => _("Users who will become member of the current group. User names are separated by semicolons.")
|
"Text" => _("Users who will become member of the current group. User names are separated by semicolons.")
|
||||||
),
|
),
|
||||||
'password' => array(
|
'password' => array(
|
||||||
"Headline" => _("Group password"), 'attr' => 'userPassword',
|
"Headline" => _("Group password"), 'attr' => $this->passwordAttrName,
|
||||||
"Text" => _("Sets the group password.")
|
"Text" => _("Sets the group password.")
|
||||||
),
|
),
|
||||||
'minMaxGID' => array(
|
'minMaxGID' => array(
|
||||||
|
|
@ -662,13 +664,13 @@ class posixGroup extends baseModule implements passwordService {
|
||||||
$this->attributes['description'][0] = $_POST['description'];
|
$this->attributes['description'][0] = $_POST['description'];
|
||||||
}
|
}
|
||||||
if (isset($_POST['lockPassword'])) {
|
if (isset($_POST['lockPassword'])) {
|
||||||
$this->attributes['userPassword'][0] = pwd_disable($this->attributes['userPassword'][0]);
|
$this->attributes[$this->passwordAttrName][0] = pwd_disable($this->attributes[$this->passwordAttrName][0]);
|
||||||
}
|
}
|
||||||
if (isset($_POST['unlockPassword'])) {
|
if (isset($_POST['unlockPassword'])) {
|
||||||
$this->attributes['userPassword'][0] = pwd_enable($this->attributes['userPassword'][0]);
|
$this->attributes[$this->passwordAttrName][0] = pwd_enable($this->attributes[$this->passwordAttrName][0]);
|
||||||
}
|
}
|
||||||
if (isset($_POST['removePassword'])) {
|
if (isset($_POST['removePassword'])) {
|
||||||
unset($this->attributes['userPassword']);
|
unset($this->attributes[$this->passwordAttrName]);
|
||||||
}
|
}
|
||||||
if (isset($_POST['changegids'])) $this->changegids=true;
|
if (isset($_POST['changegids'])) $this->changegids=true;
|
||||||
else $this->changegids=false;
|
else $this->changegids=false;
|
||||||
|
|
@ -1013,7 +1015,7 @@ class posixGroup extends baseModule implements passwordService {
|
||||||
if (!in_array(get_class($this), $modules)) {
|
if (!in_array(get_class($this), $modules)) {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
$this->attributes['userPassword'][0] = pwd_hash($password, true, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
$this->attributes[$this->passwordAttrName][0] = pwd_hash($password, true, $this->moduleSettings['posixAccount_pwdHash'][0]);
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -48,6 +48,8 @@ class windowsPosixGroup extends posixGroup {
|
||||||
// do not manage cn and description (managed by windowsGroup)
|
// do not manage cn and description (managed by windowsGroup)
|
||||||
$this->manageCnAttribute = false;
|
$this->manageCnAttribute = false;
|
||||||
$this->manageDescriptionAttribute = false;
|
$this->manageDescriptionAttribute = false;
|
||||||
|
// different password attribute name
|
||||||
|
$this->passwordAttrName = 'unixUserPassword';
|
||||||
// make optional
|
// make optional
|
||||||
$this->autoAddObjectClasses = false;
|
$this->autoAddObjectClasses = false;
|
||||||
}
|
}
|
||||||
|
|
@ -67,8 +69,6 @@ class windowsPosixGroup extends posixGroup {
|
||||||
$return["is_base"] = false;
|
$return["is_base"] = false;
|
||||||
// no RDN attribute setting
|
// no RDN attribute setting
|
||||||
$return["RDN"] = array();
|
$return["RDN"] = array();
|
||||||
// managed attributes
|
|
||||||
$return['attributes'] = array('gidNumber', 'userPasswordUnix', 'memberUid');
|
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue