lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-16 01:24:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

(legacy/ldap) allow local users to be created with random password, solves errors in log when linking groups and leaves the possibility open to allow shell login using ldap in a later stage (currently not supported)

Browse Source
This commit is contained in:
Ad Schellevis 2015-07-30 11:44:20 +00:00
parent 15d889805c
commit a160f3a2fa
2 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/etc/inc/auth.inc
View File

@ -395,14 +395,10 @@ function local_sync_accounts()
function local_user_set(&$user)
{
if (empty($user['password'])) {
if (empty($user['user_dn'])) {
// log error for local users, (ldap) server authenticated users should not be created locally
// and therefore maybe empty
log_error(sprintf(
gettext('There is something wrong in your config because user %s password is missing!'),
$user['name']
));
}
log_error(sprintf(
gettext('There is something wrong in your config because user %s password is missing!'),
$user['name']
));
return;
}

12
src/www/system_usermanager_import_ldap.php
View File

@ -31,10 +31,20 @@ require_once("auth.inc");
function add_local_user($username, $userdn, $userfullname) {
global $config;
// generate new random user_password
$bytes = openssl_random_pseudo_bytes(50);
$user_password = pack('H*',bin2hex($bytes));
foreach ($config['system']['user'] as &$user) {
if ($user['name'] == $username && $user['name'] != 'root') {
// link local user to remote server by updating user_dn
$user['user_dn'] = $userdn;
// trash user password when linking to ldap, avoid accidental login
// using fall-back local password. User could still reset it's
// local password, but only by choice.
local_user_set_password($user, $user_password);
local_user_set($user);
return;
}
}
@ -44,8 +54,10 @@ function add_local_user($username, $userdn, $userfullname) {
$new_user['name'] = $username;
$new_user['user_dn'] = $userdn;
$new_user['descr'] = $userfullname;
local_user_set_password($new_user, $user_password);
$new_user['uid'] = $config['system']['nextuid']++;
$config['system']['user'][] = $new_user;
local_user_set($new_user);
}
global $config;