summaryrefslogtreecommitdiff
path: root/plugins/password
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2009-07-31 06:36:39 +0000
committeralecpl <alec@alec.pl>2009-07-31 06:36:39 +0000
commit793e24885b0e210c630be8a1db78e0e795c33c47 (patch)
tree58d11729c486f5dac9edbd929e0c264f65da03d3 /plugins/password
parent5f8d31f9bee0b85495f0b601b9123790edddd6dd (diff)
- Password plugin: added ldap_force_replace option (#1486014)
Diffstat (limited to 'plugins/password')
-rw-r--r--plugins/password/config.inc.php.dist6
-rw-r--r--plugins/password/drivers/ldap.php2
2 files changed, 7 insertions, 1 deletions
diff --git a/plugins/password/config.inc.php.dist b/plugins/password/config.inc.php.dist
index 7bcd31be2..abe2749b6 100644
--- a/plugins/password/config.inc.php.dist
+++ b/plugins/password/config.inc.php.dist
@@ -105,4 +105,10 @@ $rcmail_config['password_ldap_encodage'] = 'crypt';
// Default: 'userPassword'
$rcmail_config['password_ldap_pwattr'] = 'userPassword';
+// LDAP password force replace
+// Force LDAP replace in cases where ACL allows only replace not read
+// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
+// Default: true
+$rcmail_config['password_ldap_force_replace'] = true;
+
?>
diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php
index 7e92ea525..108782624 100644
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@@ -54,7 +54,7 @@ function password_save($curpass, $passwd)
// Writing new crypted password to LDAP
$userEntry = $ldap->getEntry($userDN);
if (Net_LDAP2::isError($userEntry)) {return PASSWORD_CONNECT_ERROR;}
- if (!$userEntry->replace(array($rcmail->config->get('password_ldap_pwattr') => $newCryptedPassword))) {return PASSWORD_CONNECT_ERROR;}
+ if (!$userEntry->replace(array($rcmail->config->get('password_ldap_pwattr') => $newCryptedPassword),$rcmail->config->get('password_ldap_force_replace'))) {return PASSWORD_CONNECT_ERROR;}
if (Net_LDAP2::isError($userEntry->update())) {return PASSWORD_CONNECT_ERROR;}
// All done, no error