Enabled removal from kerberos database, if user gets removed

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5132 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/plugins/personal/generic/class_user.inc b/plugins/personal/generic/class_user.inc
index c0492073a32a3939fd50f75cc7b0c56bfc540729..803f6ce5797cd70821a92a532c34a93efa4e7d69 100644 (file)
--- a/plugins/personal/generic/class_user.inc
+++ b/plugins/personal/generic/class_user.inc
@@ -580,6 +580,41 @@ class user extends plugin
       $og->save ();
     }
 
+    /* Kerberos server defined? */
+    if (isset($this->config->data['SERVERS']['KERBEROS'])){
+      $cfg= $this->config->data['SERVERS']['KERBEROS'];
+    }
+    if (isset($cfg['SERVER']) && function_exists('kadm5_init_with_password')){
+
+      /* Connect to the admin interface */
+      $handle = kadm5_init_with_password($cfg['SERVER'], $cfg['REALM'],
+          $cfg['ADMIN'], $cfg['PASSWORD']);
+
+      /* Errors? */            
+      if ($handle === FALSE){
+        print_red (_("Kerberos database communication failed"));
+        return (2);
+      }
+
+      /* Build user principal, get list of existsing principals */
+      $principal= $this->uid."@".$cfg['REALM'];
+      $principals = kadm5_get_principals($handle);
+
+      /* User exists in database? */
+      if (in_array($principal, $principals)){
+
+        /* Ok. User exists. Remove him/her */
+          $ret= kadm5_delete_principal ( $handle, $principal);
+          if ($ret === FALSE){
+            print_red (_("Can't remove user from kerberos database."));
+          }
+      }
+
+      /* Free kerberos admin handle */
+      kadm5_destroy($handle);
+    }
+
+
     /* Optionally execute a command after we're done */
     $this->handle_post_events("remove",array("uid" => $this->uid));
   }