- Password plugin: added ldap_force_replace option (#1486014)

15 years ago · 793e24885b
parent 5f8d31f9be
commit 793e24885b
2 changed files with 7 additions and 1 deletions
--- a/plugins/password/config.inc.php.dist
+++ b/plugins/password/config.inc.php.dist
@ -105,4 +105,10 @@ $rcmail_config['password_ldap_encodage'] = 'crypt';
 // Default: 'userPassword'
 $rcmail_config['password_ldap_pwattr'] = 'userPassword';

+// LDAP password force replace
+// Force LDAP replace in cases where ACL allows only replace not read
+// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
+// Default: true
+$rcmail_config['password_ldap_force_replace'] = true;
+
 ?>
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@ -54,7 +54,7 @@ function password_save($curpass, $passwd)
    // Writing new crypted password to LDAP
    $userEntry = $ldap->getEntry($userDN);
    if (Net_LDAP2::isError($userEntry)) {return PASSWORD_CONNECT_ERROR;}
-    if (!$userEntry->replace(array($rcmail->config->get('password_ldap_pwattr') => $newCryptedPassword))) {return PASSWORD_CONNECT_ERROR;}
+    if (!$userEntry->replace(array($rcmail->config->get('password_ldap_pwattr') => $newCryptedPassword),$rcmail->config->get('password_ldap_force_replace'))) {return PASSWORD_CONNECT_ERROR;}
    if (Net_LDAP2::isError($userEntry->update())) {return PASSWORD_CONNECT_ERROR;}
    
    // All done, no error