From f2cd2ddbfed8b6ffa673bd357af855c00d448f23 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 7 Jul 2010 13:16:46 +0000 Subject: [PATCH] Added option to disallow password changes git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@18951 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../personal/samba/class_sambaAccount.inc | 22 ++++++++++++++++--- gosa-plugins/samba/personal/samba/samba3.tpl | 10 +++++++++ 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/gosa-plugins/samba/personal/samba/class_sambaAccount.inc b/gosa-plugins/samba/personal/samba/class_sambaAccount.inc index 59718f66a..d83196507 100644 --- a/gosa-plugins/samba/personal/samba/class_sambaAccount.inc +++ b/gosa-plugins/samba/personal/samba/class_sambaAccount.inc @@ -36,6 +36,7 @@ class sambaAccount extends plugin var $sambaSID= ""; var $sambaPwdLastSet= "0"; var $sambaPwdCanChange= ""; + var $cannotChangePassword = FALSE; var $sambaPwdMustChange= "0"; var $sambaAcctFlags= "[UX ]"; var $sambaHomePath= ""; @@ -69,7 +70,7 @@ class sambaAccount extends plugin var $objectclasses= array('sambaSamAccount'); var $uid= ""; - var $CopyPasteVars = array("mungedObject","orig_sambaDomainName",'enforcePasswordChange'); + var $CopyPasteVars = array("mungedObject","orig_sambaDomainName",'enforcePasswordChange','cannotChangePassword'); var $multiple_support = TRUE; @@ -142,6 +143,11 @@ class sambaAccount extends plugin // Check if we've the attribute 'sambaPwdLastSet' set and if its value is 0, // in this case a password change is forced for this account. $this->enforcePasswordChange = (isset($this->attrs['sambaPwdLastSet']) && $this->attrs['sambaPwdLastSet'][0] == '0'); + + // User cannot change his password? (sambaPwdLastSet int max(Int)) + // -------------------------------- + // The user is not able to change his password while sambaPwdCanChange is 4294967295 (Integer 32 Bit max) + $this->cannotChangePassword = (isset($this->attrs['sambaPwdCanChange']) && $this->attrs['sambaPwdCanChange'][0] == '4294967295'); } function execute() @@ -463,7 +469,7 @@ class sambaAccount extends plugin "onnectclientprinters","defaultprinter","shadow","brokenconn", "reconn","allow_pwchange","connectclientprinters","no_expiry","no_password_required","temporary_disable", "password_expires","SetSambaLogonHours", - "workstation_list", "enforcePasswordChange") as $attr){ + "workstation_list", "enforcePasswordChange", "cannotChangePassword") as $attr){ if(in_array($attr,$this->multi_boxes)){ $smarty->assign("use_".$attr,TRUE); }else{ @@ -512,6 +518,7 @@ class sambaAccount extends plugin /* Show main page */ $smarty->assign("multiple_support",$this->multiple_support_active); $smarty->assign('enforcePasswordChange', $this->enforcePasswordChange); + $smarty->assign("cannotChangePassword", $this->cannotChangePassword); $display.= $smarty->fetch (get_template_path('samba3.tpl', TRUE, dirname(__FILE__))); return ($display); } @@ -895,6 +902,7 @@ class sambaAccount extends plugin $this->enforcePasswordChange = (isset($_POST['enforcePasswordChange'])); + $this->cannotChangePassword = (isset($_POST['cannotChangePassword'])); if(isset($_POST['display_information'])){ msg_dialog::display(_("Information"), @@ -1058,6 +1066,10 @@ class sambaAccount extends plugin } } + if($this->cannotChangePassword){ + $this->attrs['sambaPwdCanChange'] = 4294967295; + } + /* Generate rid / primaryGroupId */ if (!isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){ msg_dialog::display(_("Warning"), _("Undefined Samba SID detected. Please fix this problem manually!"), WARNING_DIALOG); @@ -1230,6 +1242,7 @@ class sambaAccount extends plugin "sambaAcctFlagsN" => _("Login from windows client requires no password"), "sambaAcctFlagsX" => _("Password never expires"), "enforcePasswordChange" => _("Enforce password change"), + "cannotChangePassword" => _("Cannot change password"), "sambaAcctFlagsL" => _("Lock samba account"), "sambaLogonHours" => _("Logon hours") , "sambaUserWorkstations" => _("Allow connection from")) @@ -1253,7 +1266,7 @@ class sambaAccount extends plugin "onnectclientprinters","defaultprinter","shadow","brokenconn", "reconn","allow_pwchange","connectclientprinters","no_expiry","no_password_required","temporary_disable", "password_expires", "SetSambaLogonHours", - "workstation_list", "enforcePasswordChange") as $attr){ + "workstation_list", "enforcePasswordChange","cannotChangePassword") as $attr){ if(isset($_POST["use_".$attr])){ $this->multi_boxes[] = $attr; } @@ -1418,6 +1431,9 @@ class sambaAccount extends plugin if(in_array("enforcePasswordChange",$this->multi_boxes)){ $ret['enforcePasswordChange'] = $this->enforcePasswordChange; } + if(in_array("cannotChangePassword",$this->multi_boxes)){ + $ret['cannotChangePassword'] = $this->cannotChangePassword; + } if(in_array("password_expires",$this->multi_boxes)){ $ret['password_expires'] = $this->password_expires; diff --git a/gosa-plugins/samba/personal/samba/samba3.tpl b/gosa-plugins/samba/personal/samba/samba3.tpl index c54159016..83fa6eed9 100644 --- a/gosa-plugins/samba/personal/samba/samba3.tpl +++ b/gosa-plugins/samba/personal/samba/samba3.tpl @@ -369,6 +369,16 @@ + + {render acl=$cannotChangePasswordACL checkbox=$multiple_support checked=$use_cannotChangePassword} + + {/render} + + + + + -- 2.30.2