/** * Removes all members from the current group. * * @return bool */ public function removeMembers() { $modification = new BatchModification(); $modification->setAttribute($this->schema->member()); $modification->setType(LDAP_MODIFY_BATCH_REMOVE_ALL); $this->addModification($modification); return $this->save(); }
/** * Change the password of the current user. This must be performed over SSL. * * @param string $oldPassword The new password * @param string $newPassword The old password * @param bool $replaceNotRemove Alternative password change method. Set to true if you're receiving 'CONSTRAINT' * errors. * * @throws AdldapException * @throws PasswordPolicyException * @throws WrongPasswordException * * @return bool */ public function changePassword($oldPassword, $newPassword, $replaceNotRemove = false) { $connection = $this->query->getConnection(); if (!$connection->isUsingSSL() && !$connection->isUsingTLS()) { $message = 'SSL or TLS must be configured on your web server and enabled to change passwords.'; throw new AdldapException($message); } $attribute = ActiveDirectory::UNICODE_PASSWORD; if ($replaceNotRemove === true) { $replace = new BatchModification(); $replace->setAttribute($attribute); $replace->setType(LDAP_MODIFY_BATCH_REPLACE); $replace->setValues([Utilities::encodePassword($newPassword)]); $this->addModification($replace); } else { $remove = new BatchModification(); $remove->setAttribute($attribute); $remove->setType(LDAP_MODIFY_BATCH_REMOVE); $remove->setValues([Utilities::encodePassword($oldPassword)]); $add = new BatchModification(); $add->setAttribute($attribute); $add->setType(LDAP_MODIFY_BATCH_ADD); $add->setValues([Utilities::encodePassword($newPassword)]); $this->addModification($remove); $this->addModification($add); } $result = $this->update(); if ($result === false) { $error = $connection->getExtendedError(); if ($error) { $errorCode = $connection->getExtendedErrorCode(); $message = 'Error: ' . $error; if ($errorCode == '0000052D') { $message = "Error: {$errorCode}. Your new password might not match the password policy."; throw new PasswordPolicyException($message); } elseif ($errorCode == '00000056') { $message = "Error: {$errorCode}. Your old password might be wrong."; throw new WrongPasswordException($message); } throw new AdldapException($message); } else { return false; } } return $result; }
/** * Adds a modification to the models modifications array. * * @param BatchModification $modification * * @return $this */ public function addModification(BatchModification $modification) { $batch = $modification->get(); if (is_array($batch)) { $this->modifications[] = $batch; } return $this; }
/** * Removes all members from the current group. * * @return bool */ public function removeMembers() { $modification = new BatchModification(); $modification->setAttribute(ActiveDirectory::MEMBER); $modification->setType(LDAP_MODIFY_BATCH_REMOVE_ALL); $this->addModification($modification); return $this->save(); }
/** * Change the password of the current user. This must be performed over SSL. * * @param string $oldPassword The new password * @param string $newPassword The old password * * @throws AdldapException * @throws PasswordPolicyException * @throws WrongPasswordException * * @return bool */ public function changePassword($oldPassword, $newPassword) { $connection = $this->query->getConnection(); if (!$connection->isUsingSSL() && !$connection->isUsingTLS()) { $message = 'SSL or TLS must be configured on your web server and enabled to change passwords.'; throw new AdldapException($message); } $attribute = $this->schema->unicodePassword(); // Create batch modification for removing the old password. $remove = new BatchModification(); $remove->setAttribute($attribute); $remove->setType(LDAP_MODIFY_BATCH_REMOVE); $remove->setValues([Utilities::encodePassword($oldPassword)]); // Create batch modification for adding the new password. $add = new BatchModification(); $add->setAttribute($attribute); $add->setType(LDAP_MODIFY_BATCH_ADD); $add->setValues([Utilities::encodePassword($newPassword)]); // Add the modifications. $this->addModification($remove); $this->addModification($add); // Update the user. $result = $this->update(); if ($result === false) { // If the user failed to update, we'll see if we can // figure out why by retrieving the extended error. $error = $connection->getExtendedError(); if ($error) { $errorCode = $connection->getExtendedErrorCode(); $message = "Error: {$error}"; if ($errorCode == '0000052D') { $message = "Error: {$errorCode}. Your new password might not match the password policy."; throw new PasswordPolicyException($message); } elseif ($errorCode == '00000056') { $message = "Error: {$errorCode}. Your old password might be wrong."; throw new WrongPasswordException($message); } throw new AdldapException($message); } else { return false; } } return $result; }