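/**
 * Verifies that a unicodePwd password change on an ActiveDirectory account takes effect:
 * after the update, a bind with the old password must fail and a bind with the new
 * password must succeed.
 *
 * The test is skipped unless the server reports itself as ActiveDirectory and the
 * connection options enable SSL or StartTLS.
 *
 * The test creates a real directory account with a known password, so the entry is
 * removed on every exit path, including assertion failures.
 */
public function testChangePasswordWithUserAccountActiveDirectory()
{
    if ($this->_getLdap()->getRootDse()->getServerType() !==
        Zend_Ldap_Node_RootDse::SERVER_TYPE_ACTIVEDIRECTORY) {
        $this->markTestSkipped('Test can only be run on an ActiveDirectory server');
    }

    // The password write is only attempted when the transport is encrypted.
    $options = $this->_getLdap()->getOptions();
    if ($options['useSsl'] !== true && $options['useStartTls'] !== true) {
        $this->markTestSkipped('Test can only be run on an SSL or TLS secured connection');
    }

    $dn       = $this->_createDn('cn=New User,');
    $data     = array();
    $password = '******';

    Zend_Ldap_Attribute::setAttribute($data, 'cn', 'New User', false);
    Zend_Ldap_Attribute::setAttribute($data, 'displayName', 'New User', false);
    Zend_Ldap_Attribute::setAttribute($data, 'sAMAccountName', 'newuser', false);
    Zend_Ldap_Attribute::setAttribute($data, 'userAccountControl', 512, false);
    Zend_Ldap_Attribute::setAttribute($data, 'objectClass', 'person', true);
    Zend_Ldap_Attribute::setAttribute($data, 'objectClass', 'organizationalPerson', true);
    Zend_Ldap_Attribute::setAttribute($data, 'objectClass', 'user', true);
    Zend_Ldap_Attribute::setPassword(
        $data,
        $password,
        Zend_Ldap_Attribute::PASSWORD_UNICODEPWD,
        'unicodePwd'
    );

    try {
        $this->_getLdap()->add($dn, $data);

        // Prove the initial password works before changing it.
        $this->_getLdap()->bind($dn, $password);

        $newPasswd = 'newpasswd';
        $newData   = array();
        Zend_Ldap_Attribute::setPassword(
            $newData,
            $newPasswd,
            Zend_Ldap_Attribute::PASSWORD_UNICODEPWD
        );
        $this->_getLdap()->update($dn, $newData);

        // The old password must no longer authenticate.
        try {
            $this->_getLdap()->bind($dn, $password);
            $this->fail('Expected exception not thrown');
        } catch (Zend_Ldap_Exception $zle) {
            $message = $zle->getMessage();
            $this->assertTrue(
                strstr($message, 'Invalid credentials')
                || strstr($message, 'Server is unwilling to perform')
            );
        }

        $this->assertType('Zend_Ldap', $this->_getLdap()->bind($dn, $newPasswd));

        $this->_getLdap()->bind();
        $this->_getLdap()->delete($dn);
    } catch (Exception $e) {
        // Catching the base Exception (not only Zend_Ldap_Exception) means a failed
        // assertion or the explicit fail() above no longer leaves the test account,
        // with its known password, behind in the directory.
        // NOTE(review): bind() without arguments presumably rebinds with the
        // connection's configured credentials - confirm against Zend_Ldap.
        $this->_getLdap()->bind();
        if ($this->_getLdap()->exists($dn)) {
            $this->_getLdap()->delete($dn);
        }

        // LDAP errors are reported as test failures, as before; anything else
        // (e.g. an assertion failure) is passed through unchanged.
        if ($e instanceof Zend_Ldap_Exception) {
            $this->fail($e->getMessage());
        }
        throw $e;
    }
}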
/**
 * Checks that setPassword() stores a value under a caller-chosen attribute name
 * ('myAttribute') instead of the default password attribute.
 *
 * Only presence is asserted; the stored value's format is not inspected here.
 */
public function testPasswordSettingCustomAttribute()
{
    $entry = array();

    Zend_Ldap_Attribute::setPassword(
        $entry,
        'pa$$w0rd',
        Zend_Ldap_Attribute::PASSWORD_HASH_SHA,
        'myAttribute'
    );

    // Index 0 selects the first value of the attribute.
    $stored = Zend_Ldap_Attribute::getAttribute($entry, 'myAttribute', 0);
    $this->assertNotNull($stored);
}
/**
 * Stores an LDAP password on this node's current data.
 *
 * The attribute is first checked with _assertChangeableAttribute(); the value is then
 * written through Zend_Ldap_Attribute::setPassword() using the requested hash type.
 *
 * Security note: the default hash type is PASSWORD_HASH_MD5. MD5 is a fast digest and
 * is not suitable for protecting stored passwords; callers should pass a stronger
 * scheme explicitly (for example the salted PASSWORD_HASH_SSHA, or
 * PASSWORD_UNICODEPWD for ActiveDirectory) rather than rely on the default. The
 * default itself is kept for backward compatibility.
 *
 * @param  string $password   Clear-text password to store
 * @param  string $hashType   One of the Zend_Ldap_Attribute::PASSWORD_* constants
 * @param  string $attribName Attribute that receives the password value
 * @return Zend_Ldap_Node Provides a fluid interface
 * @throws Zend_Ldap_Exception
 */
public function setPasswordAttribute(
    $password,
    $hashType = Zend_Ldap_Attribute::PASSWORD_HASH_MD5,
    $attribName = 'userPassword'
) {
    // Reject the write before touching the node data.
    $this->_assertChangeableAttribute($attribName);

    Zend_Ldap_Attribute::setPassword(
        $this->_currentData,
        $password,
        $hashType,
        $attribName
    );

    return $this;
}
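/**
 * Changes a user's directory password over LDAP using the unicodePwd encoding.
 *
 * Unless $recover is set, the current password from the DTO is verified first by
 * binding as the user. The account is then looked up by samAccountName (the user's
 * CPF) and the new password is written through the connection returned by
 * _adminAuthLDAP().
 *
 * Security notes:
 *  - With $recover set, no current-password check happens in this method; the caller
 *    must already have authenticated the recovery request by other means.
 *  - An empty current password is rejected before the bind. Many LDAP servers treat a
 *    bind with a name and an empty password as an unauthenticated bind and report
 *    success, which would let the verification step pass without a real password.
 *
 * @param  \Core_Dto_Mapping $dtoPass    Carries the current (getTxSenha) and new
 *                                       (getTxSenhaNova) passwords
 * @param  mixed             $userEntity Entity from which the CPF is read
 * @param  bool              $recover    Skip verification of the current password
 * @return void
 * @throws \Core_Exception_ServiceLayer_Verification When the current password is
 *         missing, the user is not found, or the directory reports an error
 */
protected function _changePassLdap(\Core_Dto_Mapping $dtoPass, $userEntity, $recover = FALSE)
{
    try {
        $ldapUser   = $userEntity->getSqPessoa()->getSqPessoaFisica()->getNuCpf();
        $userPasswd = $dtoPass->getTxSenha();
        $adminAuth  = $this->_adminAuthLDAP();

        if (!$recover) {
            // Refuse to bind with no password: the server may accept it as an
            // unauthenticated bind and the check below would prove nothing.
            if ($userPasswd === null || $userPasswd === '') {
                throw new \Core_Exception_ServiceLayer_Verification('Senha atual não informada');
            }

            // A successful bind is the proof that the current password is correct;
            // a failure surfaces as \Zend_Ldap_Exception and is handled below.
            $adminAuth->bind($ldapUser, $userPasswd);
        }

        // NOTE(review): the CPF is interpolated into the filter unescaped. If it can
        // ever contain anything but digits, escape it first (Zend_Ldap ships
        // Zend_Ldap_Filter_Abstract::escapeValue() for this).
        $userDn = current($adminAuth->search("samAccountName={$ldapUser}")->toArray());
        if (!$userDn) {
            throw new \Core_Exception_ServiceLayer_Verification("Usuário inexistente no LDAP");
        }

        $userData = array();
        \Zend_Ldap_Attribute::setPassword(
            $userData,
            $dtoPass->getTxSenhaNova(),
            \Zend_Ldap_Attribute::PASSWORD_UNICODEPWD
        );

        // _adminAuthLDAP() is called again rather than reusing $adminAuth, which may
        // by now be bound as the end user - presumably this yields an
        // administrator-bound connection; confirm against _adminAuthLDAP().
        $this->_adminAuthLDAP()->update($userDn['dn'], $userData);
    } catch (\Zend_Ldap_Exception $exc) {
        $message = sprintf('[SICA-e] LDAP Error in %s: "%s"', __METHOD__, $exc->getMessage());
        error_log($message);

        // NOTE(review): the raw directory error text is shown to the user here;
        // consider a generic message if that text can reveal account state.
        $this->getMessaging()->addErrorMessage($exc->getMessage());

        $message  = sprintf('[Erro no LDAP] %s', $exc->getMessage());
        $ldapCode = $exc->getCode();
        if ($ldapCode > 0) {
            // When a positive LDAP code is available, only the code is passed on.
            $message = sprintf('LDAP0x%x', $ldapCode);
        }

        throw new \Core_Exception_ServiceLayer_Verification($message);
    }
}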