/** * Set the password of a user - This must be performed over SSL * * @param string $username The username to modify * @param string $password The new password * @param bool $isGUID Is the username passed a GUID or a samAccountName * @return bool */ public function password($username, $password, $isGUID = false) { if ($username === NULL) { return false; } if ($password === NULL) { return false; } if (!$this->adldap->getLdapBind()) { return false; } if (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) { throw new adLDAPException('SSL must be configured on your webserver and enabled in the class to set passwords.'); } $userDn = $this->dn($username, $isGUID); if ($userDn === false) { return false; } $add = array(); $add["unicodePwd"][0] = $this->encodePassword($password); $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $add); if ($result === false) { $err = ldap_errno($this->adldap->getLdapConnection()); if ($err) { $msg = 'Error ' . $err . ': ' . ldap_err2str($err) . '.'; if ($err == 53) { $msg .= ' Your password might not match the password policy.'; } throw new adLDAPException($msg); } else { return false; } } return true; }