The purpose is to quickly find the full DN of a user so it can be used
to re-bind as this user. This method requires the 'user' configuration
parameter to be set.
public findUserDN ( string $user ) : string
$user | string | The user to find. |
return | string | The user's full DN. |
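/**
 * Resets a user's password to a newly generated random one.
 *
 * Used, for example, when the user does not remember the existing password.
 * The user's entry is located with findUserDN(), its 'userpassword'
 * attribute is replaced with the hashed new password, and
 * 'shadowlastchange' is refreshed when the shadow lookup reports a value
 * for it.
 *
 * NOTE(review): this method performs no authorization check of its own and
 * returns the new password in clear text. Presumably the callers verify that
 * the requester may reset $userId and deliver the result over a protected
 * channel -- confirm at the call sites.
 *
 * @param string $userId  The user id for which to reset the password.
 *
 * @return string  The new password on success.
 * @throws Horde_Auth_Exception
 */
public function resetPassword($userId)
{
    if (!empty($this->_params['ad'])) {
        throw new Horde_Auth_Exception(__CLASS__ . ': Updating users is not supported for Active Directory.');
    }

    /* Search for the user's full DN. The other callers of findUserDN() on
     * this page, and the modify() call below, catch Horde_Ldap_Exception, so
     * that type is wrapped here as well; otherwise a failed lookup would
     * escape as an undocumented exception type. The original catch is kept
     * so nothing that was wrapped before stops being wrapped. */
    try {
        $dn = $this->_ldap->findUserDN($userId);
    } catch (Horde_Ldap_Exception $e) {
        throw new Horde_Auth_Exception($e);
    } catch (Horde_Exception_Ldap $e) {
        throw new Horde_Auth_Exception($e);
    }

    /* Get a new random password.
     * NOTE(review): the strength of the reset password depends entirely on
     * Horde_Auth::genRandomPassword(), which is not visible here -- confirm
     * that it draws from a cryptographically secure source. */
    $password = Horde_Auth::genRandomPassword();

    /* Hash the new password with the configured scheme. The last argument is
     * the string 'true' (truthy); presumably it asks for the scheme prefix
     * to be included in the stored value -- confirm against
     * Horde_Auth::getCryptedPassword(). */
    $entry = array(
        'userpassword' => Horde_Auth::getCryptedPassword(
            $password,
            '',
            $this->_params['encryption'],
            'true'
        ),
    );

    /* Set the lastchange field (days since the Unix epoch), but only when
     * the entry already carries one. */
    $shadow = $this->_lookupShadow($dn);
    if ($shadow['shadowlastchange']) {
        $entry['shadowlastchange'] = floor(time() / 86400);
    }

    /* Update user entry. */
    try {
        $this->_ldap->modify($dn, array('replace' => $entry));
    } catch (Horde_Ldap_Exception $e) {
        throw new Horde_Auth_Exception($e);
    }

    return $password;
}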
/**
 * Constructor.
 *
 * Stores the LDAP handle, resolves the user's DN with findUserDN() and then
 * looks below that DN for a single 'hordePerson' entry; when exactly one is
 * found, its DN is used for the preferences instead of the user DN.
 *
 * @param string $user   The username.
 * @param array $params  Configuration parameters.
 *   - 'ldap': (Horde_Ldap) [REQUIRED] The DB instance.
 *
 * @throws InvalidArgumentException  If the 'ldap' parameter is missing.
 * @throws Horde_Prefs_Exception     If looking up the user's DN fails with
 *                                   a Horde_Ldap_Exception.
 */
public function __construct($user, array $params = array())
{
    $ldap = isset($params['ldap']) ? $params['ldap'] : null;
    if ($ldap === null) {
        throw new InvalidArgumentException('Missing ldap parameter.');
    }

    // The handle is kept on the object and not forwarded to the parent.
    unset($params['ldap']);
    $this->_ldap = $ldap;

    try {
        $this->_prefsDN = $this->_ldap->findUserDN($user);
    } catch (Horde_Ldap_Exception $lookupError) {
        throw new Horde_Prefs_Exception($lookupError);
    }

    try {
        // Try to find an existing preference object in an organizational
        // unit under the user DN. Filter attribute and value are constants,
        // so no caller-supplied text reaches the filter here.
        $filter = Horde_Ldap_Filter::create('objectclass', 'equals', 'hordePerson');
        $options = array('attributes' => array('dn'), 'scope' => 'sub');
        $result = $this->_ldap->search($this->_prefsDN, $filter, $options);

        if ($result->count() == 1) {
            $match = $result->shiftEntry();
            $this->_prefsDN = $match->currentDN();
        }
    } catch (Horde_Ldap_Exception $ignored) {
        // Best effort: a failed search leaves the user DN in place and the
        // error is dropped without being logged.
    }

    parent::__construct($user, $params);
}
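/**
 * Removes a user from a group.
 *
 * When the 'attrisdn' parameter is set, the user name is first resolved to
 * its full DN with findUserDN(); the resulting value is then deleted from
 * the group's membership attribute (the 'memberuid' parameter).
 *
 * The update is bracketed by _rebind(true) / _rebind(false). Presumably
 * that switches the connection to write credentials and back -- confirm
 * against _rebind(). The second call is made on the failure path as well,
 * so a failed update does not leave the connection in the rebound state.
 *
 * @param mixed $gid    A group ID.
 * @param string $user  A user name.
 *
 * @throws Horde_Group_Exception
 * @throws Horde_Exception_NotFound
 */
public function removeUser($gid, $user)
{
    if ($this->readOnly()) {
        throw new Horde_Group_Exception('This group backend is read-only.');
    }

    $attr = $this->_params['memberuid'];
    try {
        if (!empty($this->_params['attrisdn'])) {
            $user = $this->_ldap->findUserDN($user);
        }
        $entry = $this->_ldap->getEntry($gid, array($attr));
        $entry->delete(array($attr => $user));

        $this->_rebind(true);
        try {
            $entry->update();
        } catch (Exception $e) {
            // Undo the rebind before the error travels on; the exception
            // itself is passed through unchanged.
            $this->_rebind(false);
            throw $e;
        }
        $this->_rebind(false);
    } catch (Horde_Ldap_Exception $e) {
        throw new Horde_Group_Exception($e);
    }
}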