From:             chris dot brown at arlington dot k12 dot va dot us
Operating system: NA
PHP version:      Irrelevant
PHP Bug Type:     Feature/Change Request
Bug description:  Change Novell passwords via ldap

Description:
------------
/*
----------------------------------------------------------------------
 January 27, 2004 

 This is code I wrote to add to ldap.c under PHP 4.2.1.
 The code was originally written May of 2002
 I was asked to submit it as a feature request to the maintainers
    of the php_ldap module.
 The code allows users to change Novell NDS passwords and Novell
    Simple passwords via the eDirectory 8 LDAP interface.
 The code allows for both user and admin password changes.  If the
    "old" password is not supplied (empty), the call is treated as an
    admin change, so the bound user must have admin rights to change
    the password.
 The trick to changing the NDS password via LDAP as a user is that
    you have to delete the old value and add the new value in the
    same transaction.

 REF: http://support.novell.com/cgi-bin/search/searchtid.cgi?/2953444.htm
 REF: http://support.novell.com/cgi-bin/search/searchtid.cgi?/10066348.htm

 Chris Brown
 Arlington Public Schools
 1426 North Quincy Street
 Arlington, VA. 22207
 [EMAIL PROTECTED]

----------------------------------------------------------------------
*/


Reproduce code:
---------------
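/* OID sent as the SimplePassword server-side LDAP control. */
#define LDAP_CONTROL_SIMPLEPASSWORD  "2.16.840.1.113719.1.27.101.5"

/* {{{ proto bool ldap_edir_user_password_change(resource link, string dn, string oldpassword, string newpassword)
   Change the NDS password and the Simple password of dn over an LDAP link.

   link         an open ldap link resource; it must already be bound.
   dn           entry whose userPassword is modified.
   oldpassword  current password. An empty string selects the admin path,
                where no old value is sent for the server to check.
   newpassword  password to set.

   Returns TRUE when the NDS password modification succeeded, FALSE (with an
   E_WARNING) when it failed. A failure of the follow-up Simple password
   modification raises an E_WARNING but does not change the return value,
   as in the original code, where only the NDS result was reported.

   Security notes:
   - Both passwords are sent as plain attribute values. Nothing in this
     function checks that the link is protected (TLS/SSL); that is left to
     the caller.
   - With an empty oldpassword the request carries no proof of the old
     password. Authorization then depends on the rights of the identity
     bound on the link, so a self-service caller must reject an empty old
     password before calling this function.
*/
PHP_FUNCTION(ldap_edir_user_password_change)
{
        pval **link, **dn, **oldpassword, **newpassword;

        char *ldap_dn;
        ldap_linkdata *ld;

        char *oldValues[2], *newValues[2];

        LDAPMod  oldPass, newPass;
        LDAPMod *ldap_mods[3];

        LDAPControl  simplePassword_control;
        LDAPControl *ldap_controls[2];

        int err;

        if (ZEND_NUM_ARGS() != 4 || zend_get_parameters_ex(4, &link, &dn, &oldpassword, &newpassword) == FAILURE) {
                WRONG_PARAM_COUNT;
        }

        if (Z_TYPE_PP(oldpassword) != IS_STRING) {
                php_error(E_WARNING, "LDAP: Expected String in third element");
                RETURN_FALSE;
        }
        if (Z_TYPE_PP(newpassword) != IS_STRING) {
                php_error(E_WARNING, "LDAP: Expected String in fourth element");
                RETURN_FALSE;
        }

        ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, link, -1, "ldap link", le_link);
        convert_to_string_ex(dn);
        convert_to_string_ex(oldpassword);
        convert_to_string_ex(newpassword);

        ldap_dn = Z_STRVAL_PP(dn);

        /* Both modifications target userPassword; the control decides whether
           the server applies the value to the NDS or the Simple password. */
        oldPass.mod_op = LDAP_MOD_DELETE;
        newPass.mod_op = LDAP_MOD_ADD;

        oldPass.mod_type = "userPassword";
        newPass.mod_type = "userPassword";

        oldValues[0] = Z_STRVAL_PP(oldpassword);
        oldValues[1] = NULL;
        newValues[0] = Z_STRVAL_PP(newpassword);
        newValues[1] = NULL;

        oldPass.mod_values = oldValues;
        newPass.mod_values = newValues;

        /* Setup the SimplePassword server side ldap control */
        simplePassword_control.ldctl_oid = LDAP_CONTROL_SIMPLEPASSWORD;
        simplePassword_control.ldctl_iscritical = 1;
        simplePassword_control.ldctl_value.bv_val = NULL;
        simplePassword_control.ldctl_value.bv_len = 0;

        ldap_controls[0] = &simplePassword_control;
        ldap_controls[1] = NULL;

        /* Step 1: NDS password.
           This request runs first because, on the user path, it is the only
           one that carries the old password. The original sent the Simple
           password request first and overwrote its result, so the Simple
           password could be replaced even when the old password was wrong.
           NOTE(review): confirm on an eDirectory server that the new order
           (NDS first, Simple second) is accepted. */
        if (strlen(oldValues[0]) == 0) {
                /* Admin change: add the new value only. */
                ldap_mods[0] = &newPass;
                ldap_mods[1] = NULL;
                ldap_mods[2] = NULL;
        } else {
                /* User change: delete the old value and add the new value
                   in the same transaction. */
                ldap_mods[0] = &oldPass;
                ldap_mods[1] = &newPass;
                ldap_mods[2] = NULL;
        }

        err = ldap_modify_ext_s(ld->link, ldap_dn, ldap_mods, NULL, NULL);
        if (err != LDAP_SUCCESS) {
                /* Constant format string: server-derived text is passed as
                   an argument, never as the format itself, and no fixed-size
                   buffer is involved. */
                php_error(E_WARNING, "LDAP: ERROR %i: %s", err, ldap_err2string(err));
                RETURN_FALSE;
        }

        /* Step 2: Simple password, only after the NDS change was accepted. */
        ldap_mods[0] = &newPass;
        ldap_mods[1] = NULL;
        ldap_mods[2] = NULL;

        err = ldap_modify_ext_s(ld->link, ldap_dn, ldap_mods, ldap_controls, NULL);
        if (err != LDAP_SUCCESS) {
                /* The two passwords are now out of sync; report it instead of
                   dropping the error as the original did. */
                php_error(E_WARNING, "LDAP: Simple password not updated, ERROR %i: %s", err, ldap_err2string(err));
        }

        RETURN_TRUE;
}
/* }}} */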




-- 
Edit bug report at http://bugs.php.net/?id=27060&edit=1