From 3ed1d158bca3b317893b4d61f75a417f049232bf Mon Sep 17 00:00:00 2001 From: Peter Kubica Date: Tue, 5 Mar 2019 14:07:32 +0100 Subject: [PATCH] LDAP Password Modify Extended Operation support Signed-off-by: Peter Kubica --- apps/user_ldap/lib/Access.php | 4 +++- apps/user_ldap/lib/LDAP.php | 11 +++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php index 1044938446..095b5d17f6 100644 --- a/apps/user_ldap/lib/Access.php +++ b/apps/user_ldap/lib/Access.php @@ -366,7 +366,9 @@ class Access extends LDAPUtility { return false; } try { - return @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password); + // try PASSWD extended operation first + return @$this->invokeLDAPMethod('exopPasswd', $cr, $userDN, '', $password) || + @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password); } catch(ConstraintViolationException $e) { throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ').$e->getMessage(), $e->getCode()); } diff --git a/apps/user_ldap/lib/LDAP.php b/apps/user_ldap/lib/LDAP.php index e6039c77d1..083d77d645 100644 --- a/apps/user_ldap/lib/LDAP.php +++ b/apps/user_ldap/lib/LDAP.php @@ -219,6 +219,17 @@ class LDAP implements ILDAPWrapper { return $this->invokeLDAPMethod('mod_replace', $link, $userDN, array('userPassword' => $password)); } + /** + * @param LDAP $link + * @param string $userDN + * @param string $oldPassword + * @param string $password + * @return bool + */ + public function exopPasswd($link, $userDN, $oldPassword, $password) { + return $this->invokeLDAPMethod('exop_passwd', $link, $userDN, $oldPassword, $password); + } + /** * @param LDAP $link * @param string $option