"UID"); $LDAP['default_attribute_map']["gidnumber"] = array("label" => "GID"); $LDAP['default_attribute_map']["loginshell"] = array("label" => "Login shell"); $LDAP['default_attribute_map']["homedirectory"] = array("label" => "Home directory"); $LDAP['default_attribute_map']["mail"] = array("label" => "Email", "onkeyup" => "check_if_we_should_enable_sending_email();"); $attribute_map = ldap_complete_account_attribute_array(); if (!isset($_POST['account_identifier']) and !isset($_GET['account_identifier'])) { ?>

The account identifier is missing.

$attr_r) { $$attribute = $user[0][$attribute][0]; if (isset($_POST['update_account']) and isset($_POST[$attribute]) and $_POST[$attribute] != $$attribute) { $$attribute = filter_var($_POST[$attribute], FILTER_SANITIZE_STRING); $to_update[$attribute] = $$attribute; } elseif (isset($attr_r['default'])) { $$attribute = $attr_r['default']; } } $dn = $user[0]['dn']; ### Update values if (isset($_POST['update_account'])) { if (isset($_POST['password']) and $_POST['password'] != "") { $password = $_POST['password']; if ((!is_numeric($_POST['pass_score']) or $_POST['pass_score'] < 3) and $ACCEPT_WEAK_PASSWORDS != TRUE) { $weak_password = TRUE; } if (preg_match("/\"|'/",$password)) { $invalid_password = TRUE; } if ($_POST['password'] != $_POST['password_match']) { $mismatched_passwords = TRUE; } if ($ENFORCE_SAFE_SYSTEM_NAMES == TRUE and !preg_match("/$USERNAME_REGEX/",$account_identifier)) { $invalid_username = TRUE; } if ( !$mismatched_passwords and !$weak_password and !$invalid_password ) { $to_update['userpassword'] = ldap_hashed_password($password); } } if (array_key_exists($LDAP['account_attribute'], $to_update)) { $new_rdn = "${LDAP['account_attribute']}=${to_update[$LDAP['account_attribute']]}"; $renamed_entry = ldap_rename($ldap_connection, $dn, $new_rdn, $LDAP['user_dn'], true); if ($renamed_entry) { $dn = "${new_rdn},${LDAP['user_dn']}"; $account_identifier = $to_update[$LDAP['account_attribute']]; } else { ldap_get_option($ldap_connection, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detailed_err); error_log("$log_prefix Failed to rename the DN for ${account_identifier}: " . ldap_error($ldap_connection) . " -- " . $detailed_err,0); } } $updated_account = @ ldap_mod_replace($ldap_connection, $dn, $to_update); if (!$updated_account) { ldap_get_option($ldap_connection, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detailed_err); error_log("$log_prefix Failed to modify account details for ${account_identifier}: " . ldap_error($ldap_connection) . " -- " . $detailed_err,0); } $sent_email_message=""; if ($updated_account and isset($mail) and $can_send_email == TRUE and isset($_POST['send_email'])) { $mail_subject = "Your $ORGANISATION_NAME password has been reset."; $mail_body = <<

The password wasn't strong enough.

The password contained invalid characters.

The passwords didn't match.

$group) { if (is_numeric($index)) { array_push($updated_group_membership,$group); } } if ($USER_ID == $account_identifier and !array_search($USER_ID, $updated_group_membership)){ array_push($updated_group_membership,$LDAP["admins_group"]); } $groups_to_add = array_diff($updated_group_membership,$currently_member_of); $groups_to_del = array_diff($currently_member_of,$updated_group_membership); foreach ($groups_to_del as $this_group) { ldap_delete_member_from_group($ldap_connection,$this_group,$account_identifier); } foreach ($groups_to_add as $this_group) { ldap_add_member_to_group($ldap_connection,$this_group,$account_identifier); } $not_member_of = array_diff($all_groups,$updated_group_membership); $member_of = $updated_group_membership; ?>

  • $attr_r) { $label = $attr_r['label']; $onkeyup = $attr_r['onkeyup']; if ($attribute == $LDAP['account_attribute']) { $label = "$label*"; } ?>
    >
    Email the updated credentials to the user?

    *The account identifier. Changing this will change the full DN.

Group membership

Member of
    ${group}
\n"; } else { print "
  • $group
  • \n"; } } ?>
    Available groups
      $group\n"; } ?>