Lines Matching +full:update +full:- +full:user +full:- +full:login -(+path:inc +path:lang) -(+path:lib +path:plugins +path:lang) -(+path:lib +path:tpl +path:dokuwiki +path:lang)
12 * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
29 * @subpackage User
31 * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
32 * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
43 * USER FUNCTIONS
54 $this->adldap = $adldap;
58 * Validate a user's login credentials
60 * @param string $username A user's AD username
61 * @param string $password A user's AD password
66 return $this->adldap->authenticate($username, $password, $preventRebind);
70 * Create a user
74 * @param array $attributes The attributes to set to the user account
87 if (array_key_exists("password",$attributes) && (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS())){
96 $add = $this->adldap->adldap_schema($attributes);
104 $add["objectclass"][3] = "user"; //person?
112 $add["userAccountControl"][0] = $this->accountControl($control_options);
119 $result = @ldap_add($this->adldap->getLdapConnection(), "CN=" . $add["cn"][0] . ", " . $container . "," . $this->adldap->getBaseDn(), $add);
165 * Delete a user account
173 $userinfo = $this->info($username, array("*"), $isGUID);
175 $result = $this->adldap->folder()->delete($dn);
183 * Groups the user is a member of
193 if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
194 if (!$this->adldap->getLdapBind()) { return false; }
197 $info = @$this->info($username, array("memberof", "primarygroupid"), $isGUID);
198 $groups = $this->adldap->utilities()->niceNames($info[0]["memberof"]); // Presuming the entry returned is our guy (unique usernames)
202 $extraGroups = $this->adldap->group()->recursiveGroups($groupName);
221 if (!$this->adldap->getLdapBind()) { return false; }
224 $username = $this->adldap->utilities()->strGuidToHex($username);
240 $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
241 $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
247 if ($this->adldap->getRealPrimaryGroup() && isset($entries[0]["primarygroupid"][0]) && isset($entries[0]["objectsid"][0])){
248 //$entries[0]["memberof"][]=$this->group_cn($entries[0]["primarygroupid"][0]);
249 $entries[0]["memberof"][] = $this->adldap->group()->getPrimaryGroup($entries[0]["primarygroupid"][0], $entries[0]["objectsid"][0]);
251 $entries[0]["memberof"][] = "CN=Domain Users,CN=Users," . $this->adldap->getBaseDn();
276 if (!$this->adldap->getLdapBind()) { return false; }
278 $info = $this->info($username, $fields, $isGUID);
281 $collection = new adLDAPUserCollection($info, $this->adldap);
288 * Determine if a user is in a specific group
300 if (!$this->adldap->getLdapBind()) { return false; }
301 if ($recursive === NULL) { $recursive = $this->adldap->getRecursiveGroups(); } // Use the default option if they haven't set it
304 $groups = $this->groups($username, $recursive, $isGUID);
315 * Determine a user's password expiry date
325 if (!$this->adldap->getLdapBind()) { return false; }
328 $userInfo = $this->info($username, array("pwdlastset", "useraccountcontrol"), $isGUID);
342 // - User's own pwdLastSet attribute: stores the last time the password was changed
343 // - Domain's maxPwdAge attribute: how long passwords last in the domain
347 $sr = ldap_read($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), 'objectclass=*', array('maxPwdAge'));
351 $info = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
355 // See MSDN: http://msdn.microsoft.com/en-us/library/ms974598.aspx
381 $status['expiryformat'] = date('Y-m-d H:i:s', bcsub(bcdiv($pwdExpire, '10000000'), '11644473600'));
387 * Modify a user
397 if (array_key_exists("password", $attributes) && !$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) {
401 // Find the dn of the user
402 $userDn = $this->dn($username, $isGUID);
407 // Translate the update to the LDAP schema
408 $mod = $this->adldap->adldap_schema($attributes);
410 // Check to see if this is an enabled status update
423 $mod["userAccountControl"][0] = $this->accountControl($controlOptions);
426 // Do the update
427 $result = @ldap_modify($this->adldap->getLdapConnection(), $userDn, $mod);
436 * Disable a user account
446 $result = $this->modify($username, $attributes, $isGUID);
453 * Enable a user account
463 $result = $this->modify($username, $attributes, $isGUID);
470 * Set the password of a user - This must be performed over SSL
481 if (!$this->adldap->getLdapBind()) { return false; }
482 if (!$this->adldap->getUseSSL() && !$this->adldap->getUseTLS()) {
486 $userDn = $this->dn($username, $isGUID);
492 $add["unicodePwd"][0] = $this->encodePassword($password);
494 $result = @ldap_mod_replace($this->adldap->getLdapConnection(), $userDn, $add);
496 $err = ldap_errno($this->adldap->getLdapConnection());
527 * Obtain the user's distinguished name based on their userid
536 $user = $this->info($username, array("cn"), $isGUID);
537 if ($user[0]["dn"] === NULL) {
540 $userDn = $user[0]["dn"];
547 * @param bool $includeDescription Return a description of the user
549 * @param bool $sorted Sort the user accounts
554 if (!$this->adldap->getLdapBind()) { return false; }
557 $filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)(cn=" . $search . "))";
559 $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
560 $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
586 if (!$this->adldap->getLdapBind()){ return false; }
591 $sr = @ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
592 if (ldap_count_entries($this->adldap->getLdapConnection(), $sr) > 0) {
593 $entry = @ldap_first_entry($this->adldap->getLdapConnection(), $sr);
594 $guid = @ldap_get_values_len($this->adldap->getLdapConnection(), $entry, 'objectGUID');
595 $strGUID = $this->adldap->utilities()->binaryToText($guid[0]);
604 * @param bool $includeDescription Return a description of the user
607 * @param bool $sorted Sort the user accounts
611 if (!$this->adldap->getLdapBind()){ return false; }
618 $filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT .")(objectCategory=person)" . $searchParams . ")";
620 $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
621 $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
642 * Move a user account to a different OU
645 * @param array $container The container or containers to move the user to (please be careful here!).
651 if (!$this->adldap->getLdapBind()) { return false; }
656 $userInfo = $this->info($username, array("*"));
661 $newBaseDn = strtolower($newContainer) . "," . $this->adldap->getBaseDn();
662 $result = @ldap_rename($this->adldap->getLdapConnection(), $dn, $newRDn, $newBaseDn, true);
670 * Get the last logon time of any user as a Unix timestamp
676 if (!$this->adldap->getLdapBind()) { return false; }
678 $userInfo = $this->info($username, array("lastLogonTimestamp"));