diff --git a/include/class_password-methods-kerberos.inc b/include/class_password-methods-kerberos.inc
index 1e8ba722dc1f90c579b81c7b0e6bdfa9a7e4f5bd..24240bad576c6a6c266e78362fa9a96f2163df27 100644 (file)
function passwordMethodkerberos($config)
{
function passwordMethodkerberos($config)
{
+ $this->config= &$config;
}
function is_available()
}
function is_available()
print_red (_("Kerberos database communication failed!"));
}
print_red (_("Kerberos database communication failed!"));
}
- $ret= kadm5_chpass_principal($handle, $attrs['uid'][0]."@".$cfg['REALM'],$password);
+ $ret= kadm5_chpass_principal($handle, $this->attrs['uid'][0]."@".$cfg['REALM'],$pwd);
if ($ret === FALSE)
{
if ($ret === FALSE)
{
kadm5_destroy($handle);
kadm5_destroy($handle);
- $newpass= "{kerberos}".$attrs['uid'][0]."@".$cfg['REALM'];
+ $mode= "kerberos";
+ if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
+ $mode= "sasl";
+ }
+ $newpass= "{".$mode."}".$this->attrs['uid'][0]."@".$cfg['REALM'];
return $newpass;
}
}
return $newpass;
}
}
+
+
+ function remove_from_parent()
+ {
+ /* Kerberos server defined? */
+ if (isset($this->config->data['SERVERS']['KERBEROS'])){
+ $cfg= $this->config->data['SERVERS']['KERBEROS'];
+ }
+ if (isset($cfg['SERVER']) && function_exists('kadm5_init_with_password')){
+
+ /* Connect to the admin interface */
+ $handle = kadm5_init_with_password($cfg['SERVER'], $cfg['REALM'],
+ $cfg['ADMIN'], $cfg['PASSWORD']);
+
+ /* Errors? */
+ if ($handle === FALSE){
+ print_red (_("Kerberos database communication failed"));
+ return (2);
+ }
+
+ /* Build user principal, get list of existsing principals */
+ $principal= $this->uid."@".$cfg['REALM'];
+ $principals = kadm5_get_principals($handle);
+
+ /* User exists in database? */
+ if (in_array($principal, $principals)){
+
+ /* Ok. User exists. Remove him/her */
+ $ret= kadm5_delete_principal ( $handle, $principal);
+ if ($ret === FALSE){
+ print_red (_("Can't remove user from kerberos database."));
+ }
+ }
+
+ /* Free kerberos admin handle */
+ kadm5_destroy($handle);
+ }
+ }
+
+ function get_hash_name()
+ {
+ $mode= "kerberos";
+ if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
+ $mode= "sasl";
+ }
+ return "$mode";
+ }
+
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: