use domain policy to calculate can/must change password time (2919236)
This commit is contained in:
parent
38a91eeb25
commit
df896333c2
|
@ -4,7 +4,7 @@ $Id$
|
||||||
|
|
||||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||||
Copyright (C) 2003 - 2006 Tilo Lutz
|
Copyright (C) 2003 - 2006 Tilo Lutz
|
||||||
2005 - 2009 Roland Gruber
|
2005 - 2010 Roland Gruber
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
|
@ -98,8 +98,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
$this->messages['noPassword'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_noPassword', _('This value can only be \"true\" or \"false\"!'));
|
$this->messages['noPassword'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_noPassword', _('This value can only be \"true\" or \"false\"!'));
|
||||||
$this->messages['noExpire'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_noExpire', _('This value can only be \"true\" or \"false\"!'));
|
$this->messages['noExpire'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_noExpire', _('This value can only be \"true\" or \"false\"!'));
|
||||||
$this->messages['deactivated'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_deactivated', _('This value can only be \"true\" or \"false\"!'));
|
$this->messages['deactivated'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_deactivated', _('This value can only be \"true\" or \"false\"!'));
|
||||||
$this->messages['pwdCanChange'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_pwdCanChange', _('Please enter a valid date in format DD-MM-YYYY.'));
|
|
||||||
$this->messages['pwdMustChange'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_pwdMustChange', _('Please enter a valid date in format DD-MM-YYYY.'));
|
|
||||||
$this->messages['expireDate'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_expireDate', _('Please enter a valid date in format DD-MM-YYYY.'));
|
$this->messages['expireDate'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_expireDate', _('Please enter a valid date in format DD-MM-YYYY.'));
|
||||||
$this->messages['homeDrive'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_homeDrive', _('Please enter a valid drive letter.'));
|
$this->messages['homeDrive'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_homeDrive', _('Please enter a valid drive letter.'));
|
||||||
$this->messages['domain'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_domain', _('LAM was unable to find a domain with this name!'));
|
$this->messages['domain'][0] = array('ERROR', _('Account %s:') . ' sambaSamAccount_domain', _('LAM was unable to find a domain with this name!'));
|
||||||
|
@ -134,7 +132,7 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
$return['objectClasses'] = array('sambaSamAccount');
|
$return['objectClasses'] = array('sambaSamAccount');
|
||||||
// managed attributes
|
// managed attributes
|
||||||
$return['attributes'] = array('uid', 'sambaSID', 'sambaLMPassword', 'sambaNTPassword', 'sambaPwdLastSet',
|
$return['attributes'] = array('uid', 'sambaSID', 'sambaLMPassword', 'sambaNTPassword', 'sambaPwdLastSet',
|
||||||
'sambaLogonTime', 'sambaLogoffTime', 'sambaKickoffTime', 'sambaPwdCanChange', 'sambaPwdMustChange', 'sambaAcctFlags',
|
'sambaLogonTime', 'sambaLogoffTime', 'sambaKickoffTime', 'sambaAcctFlags',
|
||||||
'sambaPwdLastSet', 'displayName', 'sambaHomePath', 'sambaHomeDrive', 'sambaLogonScript', 'sambaProfilePath',
|
'sambaPwdLastSet', 'displayName', 'sambaHomePath', 'sambaHomeDrive', 'sambaLogonScript', 'sambaProfilePath',
|
||||||
'sambaUserWorkstations', 'sambaPrimaryGroupSID', 'sambaDomainName', 'sambaLogonHours', 'sambaMungedDial');
|
'sambaUserWorkstations', 'sambaPrimaryGroupSID', 'sambaDomainName', 'sambaLogonHours', 'sambaMungedDial');
|
||||||
// PHP extensions
|
// PHP extensions
|
||||||
|
@ -167,14 +165,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
'type' => 'ext_preg',
|
'type' => 'ext_preg',
|
||||||
'regex' => 'sambaLogonHours',
|
'regex' => 'sambaLogonHours',
|
||||||
'error_message' => $this->messages['logonHours'][0]);
|
'error_message' => $this->messages['logonHours'][0]);
|
||||||
$return['profile_checks']['sambaSamAccount_pwdCanChange'] = array(
|
|
||||||
'type' => 'ext_preg',
|
|
||||||
'regex' => 'digit',
|
|
||||||
'error_message' => $this->messages['profileCanMustChange'][0]);
|
|
||||||
$return['profile_checks']['sambaSamAccount_pwdMustChange'] = array(
|
|
||||||
'type' => 'ext_preg',
|
|
||||||
'regex' => 'digit',
|
|
||||||
'error_message' => $this->messages['profileCanMustChange'][0]);
|
|
||||||
// profile mappings
|
// profile mappings
|
||||||
$return['profile_mappings'] = array(
|
$return['profile_mappings'] = array(
|
||||||
'sambaSamAccount_sambaDomainName' => 'sambaDomainName',
|
'sambaSamAccount_sambaDomainName' => 'sambaDomainName',
|
||||||
|
@ -235,8 +225,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
'syncNTPassword' => _('Sync Samba NT password with Unix password'),
|
'syncNTPassword' => _('Sync Samba NT password with Unix password'),
|
||||||
'syncLMPassword' => _('Sync Samba LM password with Unix password'),
|
'syncLMPassword' => _('Sync Samba LM password with Unix password'),
|
||||||
'syncSambaPwdLastSet' => _('Update attribute "sambaPwdLastSet" on password change'),
|
'syncSambaPwdLastSet' => _('Update attribute "sambaPwdLastSet" on password change'),
|
||||||
'syncSambaPwdMustChange' => _('Update attribute "sambaPwdMustChange" on password change'),
|
|
||||||
'syncSambaPwdCanChange' => _('Update attribute "sambaPwdCanChange" on password change')
|
|
||||||
);
|
);
|
||||||
// help Entries
|
// help Entries
|
||||||
$return['help'] = array (
|
$return['help'] = array (
|
||||||
|
@ -281,9 +269,9 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
"Text" => _("If you set this option then the user has to change his password at the next login.")),
|
"Text" => _("If you set this option then the user has to change his password at the next login.")),
|
||||||
"pwdCanChange" => array(
|
"pwdCanChange" => array(
|
||||||
"Headline" => _("User can change password"),
|
"Headline" => _("User can change password"),
|
||||||
"Text" => _("Date after the user is able to change his password. Format: DD-MM-YYYY")),
|
"Text" => _("Date after the user is able to change his password.")),
|
||||||
"pwdMustChange" => array ("Headline" => _("User must change password"),
|
"pwdMustChange" => array ("Headline" => _("User must change password"),
|
||||||
"Text" => _("Date after the user must change his password. Format: DD-MM-YYYY")),
|
"Text" => _("Date after the user must change his password.")),
|
||||||
"homeDrive" => array(
|
"homeDrive" => array(
|
||||||
"Headline" => _("Home drive"),
|
"Headline" => _("Home drive"),
|
||||||
"Text" => _("The home directory will be connected under this drive letter.")),
|
"Text" => _("The home directory will be connected under this drive letter.")),
|
||||||
|
@ -375,9 +363,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
'terminalServer' => array (
|
'terminalServer' => array (
|
||||||
"Headline" => _("Terminal server options"),
|
"Headline" => _("Terminal server options"),
|
||||||
"Text" => _("Here you can change the settings for the terminal server access.")),
|
"Text" => _("Here you can change the settings for the terminal server access.")),
|
||||||
'profilePwdCanMustChange' => array (
|
|
||||||
"Headline" => _("User can/must change password"),
|
|
||||||
"Text" => _("This is the number of seconds after when the user may or has to change his password.")),
|
|
||||||
'lmHash' => array (
|
'lmHash' => array (
|
||||||
"Headline" => _("Disable LM hashes"),
|
"Headline" => _("Disable LM hashes"),
|
||||||
"Text" => _("Windows password hashes are saved by default as NT and LM hashes. LM hashes are insecure and only needed for old versions of Windows. You should disable them unless you really need them.")),
|
"Text" => _("Windows password hashes are saved by default as NT and LM hashes. LM hashes are insecure and only needed for old versions of Windows. You should disable them unless you really need them.")),
|
||||||
|
@ -444,20 +429,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
'values' => 'true, false',
|
'values' => 'true, false',
|
||||||
'example' => 'false'
|
'example' => 'false'
|
||||||
),
|
),
|
||||||
array(
|
|
||||||
'name' => 'sambaSamAccount_pwdCanChange',
|
|
||||||
'description' => _('User can change password'),
|
|
||||||
'help' => 'pwdCanChange',
|
|
||||||
'default' => '31-12-2030',
|
|
||||||
'example' => '15-11-2006'
|
|
||||||
),
|
|
||||||
array(
|
|
||||||
'name' => 'sambaSamAccount_pwdMustChange',
|
|
||||||
'description' => _('User must change password'),
|
|
||||||
'help' => 'pwdMustChange',
|
|
||||||
'default' => '31-12-2030',
|
|
||||||
'example' => '15-10-2006'
|
|
||||||
),
|
|
||||||
array(
|
array(
|
||||||
'name' => 'sambaSamAccount_expireDate',
|
'name' => 'sambaSamAccount_expireDate',
|
||||||
'description' => _('Account expiration date'),
|
'description' => _('Account expiration date'),
|
||||||
|
@ -1015,13 +986,7 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
if (($buttonName == '') || (strpos($buttonName, '_back') !== false)) return array();
|
if (($buttonName == '') || (strpos($buttonName, '_back') !== false)) return array();
|
||||||
// get attribute name
|
// get attribute name
|
||||||
$attr = '';
|
$attr = '';
|
||||||
if (strpos($buttonName, 'sambaPwdCanChange') !== false) {
|
if (strpos($buttonName, 'sambaKickoffTime') !== false) {
|
||||||
$attr = 'sambaPwdCanChange';
|
|
||||||
}
|
|
||||||
elseif (strpos($buttonName, 'sambaPwdMustChange') !== false) {
|
|
||||||
$attr = 'sambaPwdMustChange';
|
|
||||||
}
|
|
||||||
elseif (strpos($buttonName, 'sambaKickoffTime') !== false) {
|
|
||||||
$attr = 'sambaKickoffTime';
|
$attr = 'sambaKickoffTime';
|
||||||
}
|
}
|
||||||
if ($attr == '') return array();
|
if ($attr == '') return array();
|
||||||
|
@ -1145,38 +1110,16 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
array('kind' => 'input', 'name' => 'passwordIsExpired', 'type' => 'checkbox', 'checked' => $this->expirePassword),
|
array('kind' => 'input', 'name' => 'passwordIsExpired', 'type' => 'checkbox', 'checked' => $this->expirePassword),
|
||||||
array('kind' => 'help', 'value' => 'passwordIsExpired'));
|
array('kind' => 'help', 'value' => 'passwordIsExpired'));
|
||||||
|
|
||||||
$dateValue = " - ";
|
|
||||||
if (isset($this->attributes['sambaPwdCanChange'][0])) {
|
|
||||||
if ($this->attributes['sambaPwdCanChange'][0] > 2147483648) {
|
|
||||||
$dateValue = " ∞ ";
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$date = getdate($this->attributes['sambaPwdCanChange'][0]);
|
|
||||||
$dateValue = $date['mday'] . "." . $date['mon'] . "." . $date['year'];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$return[] = array(
|
$return[] = array(
|
||||||
array('kind' => 'text', 'text' => _('User can change password')),
|
array('kind' => 'text', 'text' => _('User can change password')),
|
||||||
array('kind' => 'table', 'value' => array(array(
|
array('kind' => 'table', 'value' => array(array(
|
||||||
array('kind' => 'text', 'text' => $dateValue),
|
array('kind' => 'text', 'text' => $this->getPasswordCanChangeTime($sambaDomains, $sel_domain)),
|
||||||
array('kind' => 'input', 'name' => 'form_subpage_sambaSamAccount_time_sambaPwdCanChange', 'type' => 'submit', 'value' => _('Change'))
|
|
||||||
))),
|
))),
|
||||||
array('kind' => 'help', 'value' => 'pwdCanChange' ));
|
array('kind' => 'help', 'value' => 'pwdCanChange' ));
|
||||||
$dateValue = " - ";
|
|
||||||
if (isset($this->attributes['sambaPwdMustChange'][0])) {
|
|
||||||
if ($this->attributes['sambaPwdMustChange'][0] > 2147483648) {
|
|
||||||
$dateValue = " ∞ ";
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$date = getdate($this->attributes['sambaPwdMustChange'][0]);
|
|
||||||
$dateValue = $date['mday'] . "." . $date['mon'] . "." . $date['year'];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$return[] = array(
|
$return[] = array(
|
||||||
array('kind' => 'text', 'text' => _('User must change password')),
|
array('kind' => 'text', 'text' => _('User must change password')),
|
||||||
array('kind' => 'table', 'value' => array(array(
|
array('kind' => 'table', 'value' => array(array(
|
||||||
array('kind' => 'text', 'text' => $dateValue),
|
array('kind' => 'text', 'text' => $this->getPasswordMustChangeTime($sambaDomains, $sel_domain)),
|
||||||
array('kind' => 'input', 'name' => 'form_subpage_sambaSamAccount_time_sambaPwdMustChange', 'type' => 'submit', 'value' => _('Change'))
|
|
||||||
))),
|
))),
|
||||||
array('kind' => 'help', 'value' => 'pwdMustChange' ));
|
array('kind' => 'help', 'value' => 'pwdMustChange' ));
|
||||||
$dateValue = " - ";
|
$dateValue = " - ";
|
||||||
|
@ -1432,16 +1375,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
function display_html_time() {
|
function display_html_time() {
|
||||||
$return = array();
|
$return = array();
|
||||||
// determine attribute
|
// determine attribute
|
||||||
if (isset($_POST['form_subpage_sambaSamAccount_time_sambaPwdCanChange'])) {
|
|
||||||
$attr = 'sambaPwdCanChange';
|
|
||||||
$text = _('User can change password');
|
|
||||||
$help = "pwdCanChange";
|
|
||||||
}
|
|
||||||
elseif (isset($_POST['form_subpage_sambaSamAccount_time_sambaPwdMustChange'])) {
|
|
||||||
$attr = 'sambaPwdMustChange';
|
|
||||||
$text = _('User must change password');
|
|
||||||
$help = "pwdMustChange";
|
|
||||||
}
|
|
||||||
if (isset($_POST['form_subpage_sambaSamAccount_time_sambaKickoffTime'])) {
|
if (isset($_POST['form_subpage_sambaSamAccount_time_sambaKickoffTime'])) {
|
||||||
$attr = 'sambaKickoffTime';
|
$attr = 'sambaKickoffTime';
|
||||||
$text = _('Account expiration date');
|
$text = _('Account expiration date');
|
||||||
|
@ -1637,16 +1570,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
)
|
)
|
||||||
)),
|
)),
|
||||||
array('kind' => 'help', 'value' => 'expireDate'));
|
array('kind' => 'help', 'value' => 'expireDate'));
|
||||||
// user can change password
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'text', 'text' => _('User can change password')),
|
|
||||||
array('kind' => 'input', 'name' => 'sambaSamAccount_pwdCanChange', 'type' => 'text', 'size' => '20', 'maxlength' => '10', 'value' => ""),
|
|
||||||
array('kind' => 'help', 'value' => 'profilePwdCanMustChange'));
|
|
||||||
// user must change password
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'text', 'text' => _('User must change password')),
|
|
||||||
array('kind' => 'input', 'name' => 'sambaSamAccount_pwdMustChange', 'type' => 'text', 'size' => '20', 'maxlength' => '10', 'value' => ""),
|
|
||||||
array('kind' => 'help', 'value' => 'profilePwdCanMustChange'));
|
|
||||||
if (!$this->isBooleanConfigOptionSet('sambaSamAccount_hideHomeDrive')) {
|
if (!$this->isBooleanConfigOptionSet('sambaSamAccount_hideHomeDrive')) {
|
||||||
// letter of home drive
|
// letter of home drive
|
||||||
$drives = array('-');
|
$drives = array('-');
|
||||||
|
@ -1825,14 +1748,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// user can change password
|
|
||||||
if (isset($profile['sambaSamAccount_pwdCanChange'][0]) && ($profile['sambaSamAccount_pwdCanChange'][0] != '')) {
|
|
||||||
$this->attributes['sambaPwdCanChange'][0] = time() + $profile['sambaSamAccount_pwdCanChange'][0];
|
|
||||||
}
|
|
||||||
// user must change password
|
|
||||||
if (isset($profile['sambaSamAccount_pwdMustChange'][0]) && ($profile['sambaSamAccount_pwdMustChange'][0] != '')) {
|
|
||||||
$this->attributes['sambaPwdMustChange'][0] = time() + $profile['sambaSamAccount_pwdMustChange'][0];
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -2058,32 +1973,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
// End character
|
// End character
|
||||||
$flags = $flags . "]";
|
$flags = $flags . "]";
|
||||||
$partialAccounts[$i]['sambaAcctFlags'] = $flags;
|
$partialAccounts[$i]['sambaAcctFlags'] = $flags;
|
||||||
// passsword can be changed
|
|
||||||
if ($rawAccounts[$i][$ids['sambaSamAccount_pwdCanChange']] != "") {
|
|
||||||
if (get_preg($rawAccounts[$i][$ids['sambaSamAccount_pwdCanChange']], 'date')) {
|
|
||||||
$parts = explode("-", $rawAccounts[$i][$ids['sambaSamAccount_pwdCanChange']]);
|
|
||||||
$time = mktime(0, 0, 0, intval($parts[1]), intval($parts[0]), intval($parts[2]));
|
|
||||||
$partialAccounts[$i]['sambaPwdCanChange'] = $time;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$errMsg = $this->messages['pwdCanChange'][0];
|
|
||||||
array_push($errMsg, array($i));
|
|
||||||
$errors[] = $errMsg;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// passsword must be changed
|
|
||||||
if ($rawAccounts[$i][$ids['sambaSamAccount_pwdMustChange']] != "") {
|
|
||||||
if (get_preg($rawAccounts[$i][$ids['sambaSamAccount_pwdMustChange']], 'date')) {
|
|
||||||
$parts = explode("-", $rawAccounts[$i][$ids['sambaSamAccount_pwdMustChange']]);
|
|
||||||
$time = mktime(0, 0, 0, intval($parts[1]), intval($parts[0]), intval($parts[2]));
|
|
||||||
$partialAccounts[$i]['sambaPwdMustChange'] = $time;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$errMsg = $this->messages['pwdMustChange'][0];
|
|
||||||
array_push($errMsg, array($i));
|
|
||||||
$errors[] = $errMsg;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// expiration date
|
// expiration date
|
||||||
if ($rawAccounts[$i][$ids['sambaSamAccount_expireDate']] != "") {
|
if ($rawAccounts[$i][$ids['sambaSamAccount_expireDate']] != "") {
|
||||||
if (get_preg($rawAccounts[$i][$ids['sambaSamAccount_expireDate']], 'date')) {
|
if (get_preg($rawAccounts[$i][$ids['sambaSamAccount_expireDate']], 'date')) {
|
||||||
|
@ -2314,38 +2203,6 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
$return['mod']['sambaPwdLastSet'][0] = time();
|
$return['mod']['sambaPwdLastSet'][0] = time();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (in_array('syncSambaPwdMustChange', $fields) || in_array('syncSambaPwdCanChange', $fields)) {
|
|
||||||
$sambaDomains = search_domains($_SESSION['ldapHandle'], $this->selfServiceSettings->LDAPSuffix);
|
|
||||||
if (($sambaDomains == null) || (sizeof($sambaDomains) == 0)) {
|
|
||||||
$return['messages'][] = array("ERROR", _('Unable to sync the time when the user can/must change his password because no domain was found.'), '');
|
|
||||||
return $return;
|
|
||||||
}
|
|
||||||
if (!isset($attributes['sambaSID'][0]) || $attributes['sambaSID'][0] == '') {
|
|
||||||
$return['messages'][] = array("ERROR", _('Unable to read sambaSID attribute.'), '');
|
|
||||||
return $return;
|
|
||||||
}
|
|
||||||
$domainSID = substr($attributes['sambaSID'][0], 0, strrpos($attributes['sambaSID'][0], "-"));
|
|
||||||
$sel_domain = null;
|
|
||||||
for ($i = 0; $i < count($sambaDomains); $i++ ) {
|
|
||||||
if ($domainSID == $sambaDomains[$i]->SID) {
|
|
||||||
$sel_domain = $sambaDomains[$i];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if ($sel_domain == null) {
|
|
||||||
$return['messages'][] = array("ERROR", _('Unable to sync the time when the user can/must change his password because no domain was found.'), $domainSID);
|
|
||||||
return $return;
|
|
||||||
}
|
|
||||||
if (in_array('syncSambaPwdCanChange', $fields)) {
|
|
||||||
if (($sel_domain != null) && (isset($sel_domain->maxPwdAge))) {
|
|
||||||
$return['mod']['sambaPwdCanChange'][0] = time() + $sel_domain->minPwdAge;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (in_array('syncSambaPwdMustChange', $fields)) {
|
|
||||||
if (($sel_domain != null) && (isset($sel_domain->maxPwdAge))) {
|
|
||||||
$return['mod']['sambaPwdMustChange'][0] = time() + $sel_domain->maxPwdAge;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -2400,6 +2257,66 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the time when the user needs to change his password.
|
||||||
|
*
|
||||||
|
* @param array $domains list of domain objects
|
||||||
|
* @param String $selectedDomain selected domain name
|
||||||
|
*/
|
||||||
|
private function getPasswordMustChangeTime($domains, $selectedDomain) {
|
||||||
|
if (is_array($selectedDomain) && (sizeof($selectedDomain) > 0)) {
|
||||||
|
$selectedDomain = $selectedDomain[0];
|
||||||
|
}
|
||||||
|
$return = ' - ';
|
||||||
|
// check if password expires at all
|
||||||
|
if ($this->noexpire) {
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
// check if there is a time set for the last password change
|
||||||
|
if (!isset($this->attributes['sambaPwdLastSet'][0])) {
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
for ($i = 0; $i < sizeof($domains); $i++) {
|
||||||
|
if ($domains[$i]->name == $selectedDomain) {
|
||||||
|
// check if a domain policy is set
|
||||||
|
if (!isset($domains[$i]->maxPwdAge) || ($domains[$i]->maxPwdAge < 0)) {
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
$time = $this->attributes['sambaPwdLastSet'][0] + $domains[$i]->maxPwdAge;
|
||||||
|
return date('d.m.Y H:i', $time);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the time when the user can change his password.
|
||||||
|
*
|
||||||
|
* @param array $domains list of domain objects
|
||||||
|
* @param String $selectedDomain selected domain name
|
||||||
|
*/
|
||||||
|
private function getPasswordCanChangeTime($domains, $selectedDomain) {
|
||||||
|
if (is_array($selectedDomain) && (sizeof($selectedDomain) > 0)) {
|
||||||
|
$selectedDomain = $selectedDomain[0];
|
||||||
|
}
|
||||||
|
$return = ' - ';
|
||||||
|
// check if there is a time set for the last password change
|
||||||
|
if (!isset($this->attributes['sambaPwdLastSet'][0])) {
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
for ($i = 0; $i < sizeof($domains); $i++) {
|
||||||
|
if ($domains[$i]->name == $selectedDomain) {
|
||||||
|
// check if a domain policy is set
|
||||||
|
if (!isset($domains[$i]->minPwdAge) || ($domains[$i]->minPwdAge < 0)) {
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
$time = $this->attributes['sambaPwdLastSet'][0] + $domains[$i]->minPwdAge;
|
||||||
|
return date('d.m.Y H:i', $time);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
Loading…
Reference in New Issue