index 6d8dc0e3abd9b94c47b336c1e243de1f60064bab..6ea694f20cd48cd4d07ca30c9da0e020dd608615 100644 (file)
$ldap->cat ($dn, array("shadowLastChange", "userPassword", "uid"));
$attrs = $ldap->fetch ();
+ // Check if user account was deactivated, indicated by ! after } ... {crypt}!###
+ if(isset($attrs['userPassword'][0]) && preg_match("/^[^\}]*+\}!/",$attrs['userPassword'][0])){
+ $deactivated = TRUE;
+ }else{
+ $deactivated = FALSE;
+ }
+
+ // Get current password hash method if available
+ if($hash == "" && isset($attrs['userPassword'][0]) && preg_match("/[\{\}]/",$attrs['userPassword'][0])){
+ $hash = preg_replace("/^[^\{]*+\{([^\}]*).*$/","\\1",$attrs['userPassword'][0]);
+ $hash = strtolower($hash);
+ }
+
// Set encryption type to clear if required
- if (isset($attrs['userPassword'][0]) && preg_match('/^[^{}]+$/', $attrs['userPassword'][0]) && $hash == ""){
+ if (!isset($attrs['userPassword'][0]) || $hash == ""){
$hash= "clear";
}
$hash= strtolower($matches[1]);
}
-
// Crypt with the detected Method
$test = new $available[$hash]($config);
$test->attrs= $attrs;
$attrs= generate_smb_nt_hash($password);
}
+ /* Readd ! if user was deactivated */
+ if($deactivated){
+ $newpass = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$newpass);
+ }
+
$attrs['userPassword']= array();
$attrs['userPassword']= $newpass;