Add configuration option to manage LDAP password reset flag (#336)
This commit is contained in:
parent
7bab2be9de
commit
72ff01d6aa
@ -65,19 +65,36 @@ sub modifyPassword {
|
|||||||
|
|
||||||
return $code unless ( $code == PE_PASSWORD_OK );
|
return $code unless ( $code == PE_PASSWORD_OK );
|
||||||
|
|
||||||
# If password policy and force reset, set pwdReset flag
|
# If password policy and force reset, set reset flag
|
||||||
if ( $self->{ldapPpolicyControl} and $self->{forceReset} ) {
|
if ( $self->{ldapPpolicyControl}
|
||||||
my $result =
|
and $self->{forceReset}
|
||||||
$self->ldap->modify( $self->{dn},
|
and $self->{ldapUsePasswordResetAttribute} )
|
||||||
replace => { 'pwdReset' => 'TRUE' } );
|
{
|
||||||
|
my $result = $self->ldap->modify(
|
||||||
|
$self->{dn},
|
||||||
|
replace => {
|
||||||
|
$self->{ldapPasswordResetAttribute} =>
|
||||||
|
$self->{ldapPasswordResetAttributeValue}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
unless ( $result->code == 0 ) {
|
unless ( $result->code == 0 ) {
|
||||||
$self->lmLog( "LDAP modify pwdReset error: " . $result->code,
|
$self->lmLog(
|
||||||
'error' );
|
"LDAP modify "
|
||||||
|
. $self->{ldapPasswordResetAttribute}
|
||||||
|
. " error: "
|
||||||
|
. $result->code,
|
||||||
|
'error'
|
||||||
|
);
|
||||||
$code = PE_LDAPERROR;
|
$code = PE_LDAPERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
$self->lmLog( "pwdReset set to TRUE", 'debug' );
|
$self->lmLog(
|
||||||
|
$self->{ldapPasswordResetAttribute}
|
||||||
|
. " set to "
|
||||||
|
. $self->{ldapPasswordResetAttributeValue},
|
||||||
|
'debug'
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $code;
|
return $code;
|
||||||
|
@ -612,6 +612,10 @@ sub setDefaultValues {
|
|||||||
# Other
|
# Other
|
||||||
$self->{logoutServices} ||= {};
|
$self->{logoutServices} ||= {};
|
||||||
$self->{useSafeJail} = 1 unless defined $self->{useSafeJail};
|
$self->{useSafeJail} = 1 unless defined $self->{useSafeJail};
|
||||||
|
$self->{ldapUsePasswordResetAttribute} = 1
|
||||||
|
unless ( defined( $self->{ldapUsePasswordResetAttribute} ) );
|
||||||
|
$self->{ldapPasswordResetAttribute} ||= "pwdReset";
|
||||||
|
$self->{ldapPasswordResetAttributeValue} ||= "TRUE";
|
||||||
|
|
||||||
# Notification
|
# Notification
|
||||||
$self->{notificationWildcard} ||= "allusers";
|
$self->{notificationWildcard} ||= "allusers";
|
||||||
|
Loading…
Reference in New Issue
Block a user