![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-core/plugins/admin/users/class_userManagement.inc b/gosa-core/plugins/admin/users/class_userManagement.inc
index 8ce7bf3b2c1a9aa44ab3a33f0b28ab72455d14a6..f15817603281d8ed9823003180d3b9f6383b5c57 100644 (file)
$attrs = $ldap->fetch();
$this->passwordChangeForceable =
in_array('sambaAccount', $attrs['objectClass']) ||
- in_array('posixAccount', $attrs['objectClass']);
+ (in_array('posixAccount', $attrs['objectClass']) && isset($attrs['shadowMax']));
$smarty->assign("passwordChangeForceable" , $this->passwordChangeForceable);
$smarty->assign("enforcePasswordChange" , $this->enforcePasswordChange);
return($smarty->fetch(get_template_path('password.tpl', TRUE)));
}
}
- if ($this->config->get_cfg_value("core","passwordHook") != ""){
+ if ($this->config->get_cfg_value("passwordHook") != ""){
$ldap = $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
$ldap->cat($this->dn,array('uid'));
$attrs = $ldap->fetch();
- exec($this->config->get_cfg_value("core","passwordHook")." ".$attrs['uid'][0]." ".$new_password, $resarr);
+ exec($this->config->get_cfg_value("passwordHook")." ".
+ escapeshellarg($attrs['uid'][0])." ".escapeshellarg($new_password), $resarr);
+ $check_hook_output = "";
+ if(count($resarr) > 0) {
+ $check_hook_output= join('\n', $resarr);
+ }
+ if(!empty($check_hook_output)){
+ $message[] = sprintf(_("Check-hook reported a problem: %s. Password change canceled!"),$check_hook_output);
+ msg_dialog::displayChecks($message);
+ return($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ }
}
+
// The user has to change his password on next login
// - We are going to update samba and posix attributes here, to enforce
// such a password change.
// Update the posix shadow flag...
if($posix){
- $posixAccount = new posixAccount($this->config, $this->dn);
- $posixAccount->is_modified=TRUE;
- $posixAccount->activate_shadowExpire=1;
- $posixAccount->shadowExpire = date('d.m.Y', time() - (1 * 24 * 60 *60));
- $posixAccount->save();
+ $current= floor(date("U") /60 /60 /24);
+ $enforceDate = $current - $attrs['shadowMax'][0];
+ $new_attrs = array();
+ $new_attrs['shadowLastChange'] = $enforceDate;
+ $ldap->cd($this->dn);
+ $ldap->modify($new_attrs);
+
+# $posixAccount = new posixAccount($this->config, $this->dn);
+# $posixAccount->is_modified=TRUE;
+# $posixAccount->activate_shadowExpire=1;
+# $posixAccount->shadowExpire = date('d.m.Y', time() - (1 * 24 * 60 *60));
+# $posixAccount->save();
}
// Update the samba kickoff flag...
if($samba){
$sambaAccount = new sambaAccount($this->config, $this->dn);
$sambaAccount->is_modified=TRUE;
- $sambaAccount->kickoff_time_set = "1";
- $sambaAccount->sambaKickoffTime= date('d.m.Y', time() - (1 * 24 * 60 *60));
+ $sambaAccount->flag_enforcePasswordChange = TRUE;
+ $sambaAccount->flag_cannotChangePassword = FALSE;
$sambaAccount->save();
}
}