added option to expire password
This commit is contained in:
parent
489a72cf29
commit
c4662bb330
|
@ -56,6 +56,8 @@ class sambaSamAccount extends baseModule {
|
||||||
private $hex2bitstring = array('0' => '0000', '1' => '0001', '2' => '0010', '3' => '0011', '4' => '0100',
|
private $hex2bitstring = array('0' => '0000', '1' => '0001', '2' => '0010', '3' => '0011', '4' => '0100',
|
||||||
'5' => '0101', '6' => '0110', '7' => '0111', '8' => '1000', '9' => '1001', 'A' => '1010',
|
'5' => '0101', '6' => '0110', '7' => '0111', '8' => '1000', '9' => '1001', 'A' => '1010',
|
||||||
'B' => '1011', 'C' => '1100', 'D' => '1101', 'E' => '1110', 'F' => '1111');
|
'B' => '1011', 'C' => '1100', 'D' => '1101', 'E' => '1110', 'F' => '1111');
|
||||||
|
/** specifies if the password should be expired */
|
||||||
|
private $expirePassword = false;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -138,7 +140,7 @@ class sambaSamAccount extends baseModule {
|
||||||
// managed attributes
|
// managed attributes
|
||||||
$return['attributes'] = array('uid', 'sambaSID', 'sambaLMPassword', 'sambaNTPassword', 'sambaPwdLastSet',
|
$return['attributes'] = array('uid', 'sambaSID', 'sambaLMPassword', 'sambaNTPassword', 'sambaPwdLastSet',
|
||||||
'sambaLogonTime', 'sambaLogoffTime', 'sambaKickoffTime', 'sambaPwdCanChange', 'sambaPwdMustChange', 'sambaAcctFlags',
|
'sambaLogonTime', 'sambaLogoffTime', 'sambaKickoffTime', 'sambaPwdCanChange', 'sambaPwdMustChange', 'sambaAcctFlags',
|
||||||
'displayName', 'sambaHomePath', 'sambaHomeDrive', 'sambaLogonScript', 'sambaProfilePath',
|
'sambaPwdLastSet', 'displayName', 'sambaHomePath', 'sambaHomeDrive', 'sambaLogonScript', 'sambaProfilePath',
|
||||||
'sambaUserWorkstations', 'sambaPrimaryGroupSID', 'sambaDomainName', 'sambaLogonHours', 'sambaMungedDial');
|
'sambaUserWorkstations', 'sambaPrimaryGroupSID', 'sambaDomainName', 'sambaLogonHours', 'sambaMungedDial');
|
||||||
// PHP extensions
|
// PHP extensions
|
||||||
$return['extensions'] = array('hash', 'iconv');
|
$return['extensions'] = array('hash', 'iconv');
|
||||||
|
@ -228,6 +230,9 @@ class sambaSamAccount extends baseModule {
|
||||||
"deactivatedUpload" => array(
|
"deactivatedUpload" => array(
|
||||||
"Headline" => _("Account is deactivated"),
|
"Headline" => _("Account is deactivated"),
|
||||||
"Text" => _("If set to \"true\" account will be deactivated. (Setting D-Flag)")),
|
"Text" => _("If set to \"true\" account will be deactivated. (Setting D-Flag)")),
|
||||||
|
"passwordIsExpired" => array(
|
||||||
|
"Headline" => _("Password change at next login"),
|
||||||
|
"Text" => _("If you set this option then the user has to change his password at the next login.")),
|
||||||
"pwdCanChange" => array(
|
"pwdCanChange" => array(
|
||||||
"Headline" => _("User can change password"),
|
"Headline" => _("User can change password"),
|
||||||
"Text" => _("Date after the user is able to change his password. Format: DD-MM-YYYY")),
|
"Text" => _("Date after the user is able to change his password. Format: DD-MM-YYYY")),
|
||||||
|
@ -475,8 +480,8 @@ class sambaSamAccount extends baseModule {
|
||||||
// configuration options
|
// configuration options
|
||||||
$return['config_options']['user'] = array(
|
$return['config_options']['user'] = array(
|
||||||
array(
|
array(
|
||||||
0 => array('kind' => 'text', 'text' => '<b>' . _("Time zone") . ': </b>'),
|
array('kind' => 'text', 'text' => '<b>' . _("Time zone") . ': </b>'),
|
||||||
1 => array('kind' => 'select', 'name' => 'sambaSamAccount_timeZone', 'size' => '1',
|
array('kind' => 'select', 'name' => 'sambaSamAccount_timeZone', 'size' => '1',
|
||||||
'options' => array(
|
'options' => array(
|
||||||
array('-12', "GMT-12: " . _("Eniwetok, Kwajalein")),
|
array('-12', "GMT-12: " . _("Eniwetok, Kwajalein")),
|
||||||
array('-11', "GMT-11: " . _("Midway Island, Samoa")),
|
array('-11', "GMT-11: " . _("Midway Island, Samoa")),
|
||||||
|
@ -506,7 +511,7 @@ class sambaSamAccount extends baseModule {
|
||||||
),
|
),
|
||||||
'options_selected' => array('0'),
|
'options_selected' => array('0'),
|
||||||
'descriptiveOptions' => true),
|
'descriptiveOptions' => true),
|
||||||
2 => array('kind' => 'help', 'value' => 'timeZone'))
|
array('kind' => 'help', 'value' => 'timeZone'))
|
||||||
);
|
);
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
@ -559,6 +564,9 @@ class sambaSamAccount extends baseModule {
|
||||||
if (strpos($this->attributes['sambaAcctFlags'][0], "X")) $this->noexpire = true;
|
if (strpos($this->attributes['sambaAcctFlags'][0], "X")) $this->noexpire = true;
|
||||||
else $this->noexpire = false;
|
else $this->noexpire = false;
|
||||||
}
|
}
|
||||||
|
if (isset($this->attributes['sambaPwdLastSet'][0]) && ($this->attributes['sambaPwdLastSet'][0] === '0')) {
|
||||||
|
$this->expirePassword = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -576,6 +584,12 @@ class sambaSamAccount extends baseModule {
|
||||||
if (!in_array('sambaSamAccount', $this->attributes['objectClass'])) {
|
if (!in_array('sambaSamAccount', $this->attributes['objectClass'])) {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
|
if ($this->expirePassword === true) {
|
||||||
|
$this->attributes['sambaPwdLastSet'][0] = '0';
|
||||||
|
}
|
||||||
|
elseif ((isset($this->attributes['sambaPwdLastSet'][0])) && ($this->attributes['sambaPwdLastSet'][0] == '0')) {
|
||||||
|
$this->attributes['sambaPwdLastSet'][0] = time();
|
||||||
|
}
|
||||||
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
|
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
@ -751,6 +765,12 @@ class sambaSamAccount extends baseModule {
|
||||||
$this->attributes['sambaSID'][0] = $SID."-". (($attrs['uidNumber'][0]*2)+$RIDbase);
|
$this->attributes['sambaSID'][0] = $SID."-". (($attrs['uidNumber'][0]*2)+$RIDbase);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (isset($_POST['passwordIsExpired'])) {
|
||||||
|
$this->expirePassword = true;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$this->expirePassword = false;
|
||||||
|
}
|
||||||
return $errors;
|
return $errors;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -984,6 +1004,11 @@ class sambaSamAccount extends baseModule {
|
||||||
array('kind' => 'input', 'name' => 'sambaAcctFlagsL', 'type' => 'checkbox', 'checked' => $locked),
|
array('kind' => 'input', 'name' => 'sambaAcctFlagsL', 'type' => 'checkbox', 'checked' => $locked),
|
||||||
array('kind' => 'help', 'value' => 'locked'));
|
array('kind' => 'help', 'value' => 'locked'));
|
||||||
|
|
||||||
|
$return[] = array(
|
||||||
|
array('kind' => 'text', 'text' => _('Password change at next login') ),
|
||||||
|
array('kind' => 'input', 'name' => 'passwordIsExpired', 'type' => 'checkbox', 'checked' => $this->expirePassword),
|
||||||
|
array('kind' => 'help', 'value' => 'passwordIsExpired'));
|
||||||
|
|
||||||
$dateValue = " - ";
|
$dateValue = " - ";
|
||||||
if (isset($this->attributes['sambaPwdCanChange'][0])) {
|
if (isset($this->attributes['sambaPwdCanChange'][0])) {
|
||||||
if ($this->attributes['sambaPwdCanChange'][0] > 2147483648) {
|
if ($this->attributes['sambaPwdCanChange'][0] > 2147483648) {
|
||||||
|
@ -2104,7 +2129,7 @@ class sambaSamAccount extends baseModule {
|
||||||
if (in_array('syncSambaPwdMustChange', $fields) || in_array('syncSambaPwdCanChange', $fields)) {
|
if (in_array('syncSambaPwdMustChange', $fields) || in_array('syncSambaPwdCanChange', $fields)) {
|
||||||
$sambaDomains = search_domains($_SESSION['ldapHandle'], $this->selfServiceSettings->LDAPSuffix);
|
$sambaDomains = search_domains($_SESSION['ldapHandle'], $this->selfServiceSettings->LDAPSuffix);
|
||||||
if (($sambaDomains == null) || (sizeof($sambaDomains) == 0)) {
|
if (($sambaDomains == null) || (sizeof($sambaDomains) == 0)) {
|
||||||
$return['messages'][] = array("ERROR", _('Unable to sync the time when the user can/must change his password as no domain was found.'), '');
|
$return['messages'][] = array("ERROR", _('Unable to sync the time when the user can/must change his password because no domain was found.'), '');
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
if (!isset($attributes['sambaSID'][0]) || $attributes['sambaSID'][0] == '') {
|
if (!isset($attributes['sambaSID'][0]) || $attributes['sambaSID'][0] == '') {
|
||||||
|
@ -2119,7 +2144,7 @@ class sambaSamAccount extends baseModule {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($sel_domain == null) {
|
if ($sel_domain == null) {
|
||||||
$return['messages'][] = array("ERROR", _('Unable to sync the time when the user can/must change his password as no domain was found.'), $domainSID);
|
$return['messages'][] = array("ERROR", _('Unable to sync the time when the user can/must change his password because no domain was found.'), $domainSID);
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
if (in_array('syncSambaPwdCanChange', $fields)) {
|
if (in_array('syncSambaPwdCanChange', $fields)) {
|
||||||
|
|
Loading…
Reference in New Issue