Changeset 1603 for trunk/LATMOS-Accounts/lib/LATMOS/Accounts
- Timestamp:
- 01/07/16 15:55:13 (9 years ago)
- Location:
- trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases
- Files:
-
- 3 edited
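--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap.pm
@@ -91,4 +91,14 @@
 }
 
+sub sambaSID {
+my ($self, $id) = @_;
+
+my $ssid = $self->config('sambaSID') || 'S-2016-01-07';
+if (defined($id)) {
+$ssid .= '-' . $id;
+}
+return $ssid;
+}
+
 sub load {
 my ($self) = @_;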
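Review bot: The fallback `'S-2016-01-07'` in `sambaSID` is not a well-formed domain SID (those have the shape `S-1-5-21-…`), so a base with no `sambaSID` config entry would silently give every account an identifier that belongs to no real domain. Failing loudly is safer than inventing a prefix, for example `my $ssid = $self->config('sambaSID') or die "sambaSID is not configured for this base\n";`. The sub also appends `$id` as the last component without checking it is a non-negative integer; a short comment stating that callers must pass a numeric RID would make that contract explicit.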
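--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/User.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/User.pm
@@ -15,4 +15,5 @@
 use LATMOS::Accounts::Bases::Ldap::Group;
 use LATMOS::Accounts::Utils;
+use Crypt::SmbHash;
 
 our $VERSION = (q$Rev: 649 $ =~ /^Rev: (\d+) /)[0];
@@ -49,5 +50,11 @@
 posixAccount
 shadowAccount
+sambaSamAccount
 ) }
+
+sub _computeSSID {
+my ($value) = @_;
+$value * 2 + 1000
+}
 
 sub _get_attr_schema {
@@ -70,5 +77,17 @@
 },
 facsimileTelephoneNumber => { },
-uidNumber => { uniq => 1, },
+uidNumber => {
+uniq => 1,
+post => sub {
+my ($self, $value) = @_;
+if (!grep { $_ eq 'sambaSamAccount' } $self->object->_get_attributes('objectClass')) {
+$self->_update_class(
+sambaSID => $self->base->sambaSID(_computeSSID($value))
+);
+} else {
+$self->object->set_fields(sambaSID => $self->object->base->sambaSID(_computeSSID($value)));
+}
+},
+},
 gidNumber => {
 reference => 'group',
@@ -121,5 +140,8 @@
 pwdChangedTime => { ro => 1 },
 labeledURI => {},
-userPassword => { readable => 0, },
+userPassword => { readable => 0, },
+sambaLMPassword => { readable => 0, },
+sambaNTPassword => { readable => 0, },
+sambaSid => { ro => 1 },
 }
 );
@@ -143,4 +165,5 @@
 $data{sn} ||= $id; # sn is mandatory
 $data{uid} ||= $id; # uid is mandatory
+$data{sambaSID} = $base->sambaSID(_computeSSID($data{uidNumber}));
 $data{homeDirectory} ||= '/dev/null'; # homeDirectory is mandatory
 $data{$class->_key_attribute($base)} = $id;
@@ -230,13 +253,4 @@
 return 1;
 };
-/^userPassword$/ and do {
-# openldap use prefix to identify encryption passwd
-# {CRYPT} is system dependant, eg use crypt from system
-# As we run openldap on UNIX, this should not be a problem
-# as we use perl crypt() which does the same
-# This code will have to be changed if we use openldap on other UNIX
-$val = '{CRYPT}' . ($val || 'xxx');
-next;
-};
 /^manager$/ && $val and do {
 my $user = $base->get_object('user', $val) or do {
@@ -255,4 +269,34 @@
 }
 
+sub _set_password {
+my ($self, $clear_pass) = @_;
+
+my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.');
+my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8));
+# openldap use prefix to identify encryption passwd
+# {CRYPT} is system dependant, eg use crypt from system
+# As we run openldap on UNIX, this should not be a problem
+# as we use perl crypt() which does the same
+# This code will have to be changed if we use openldap on other UNIX
+my $md5 = '{CRYPT}' . crypt($clear_pass, '$1$' . $salt);
+
+my ($lm, $nt) = ntlmgen $clear_pass;
+
+if (!grep { $_ eq 'sambaSamAccount' } $self->get_attributes('objectClass')) {
+$self->_update_class(
+sambaSID => $self->base->sambaSID($self->_get_attributes('uidNumber') * 2 + 1000)
+);
+}
+
+my $res = $self->set_fields(
+userPassword => $md5,
+sambaLMPassword => $lm,
+sambaNTPassword => $nt,
+);
+$self->base->log(LA_NOTICE, 'Mot de passe changé pour %s', $self->id)
+if($res);
+return $res;
+}
+
 1;
 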
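Review bot: `_set_password` now stores `sambaLMPassword` and `sambaNTPassword` next to `userPassword`, and both are unsalted, password-equivalent hashes; the LM hash in particular is weak enough to be recovered quickly by anyone who can read the attribute. Unless a legacy client really needs it, drop the `sambaLMPassword => $lm,` line from the `set_fields` call, and check that the directory ACLs deny read access to `sambaNTPassword`, since `readable => 0` in the schema appears to restrict only this library's own accessors. On the `userPassword` side the salt comes from Perl's `rand`, which is not a cryptographic generator, and `'$1$'` selects MD5-crypt; a stronger scheme supported by the host `crypt()` would be preferable. In the `uidNumber` `post` hook the first branch calls `$self->_update_class` and `$self->base` while the `else` branch goes through `$self->object`, which looks inconsistent and is worth confirming against the attribute class. `_set_password` also repeats `* 2 + 1000` inline where `_computeSSID` could be called.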
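--- a/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/objects.pm
+++ b/trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/objects.pm
@@ -225,4 +225,18 @@
 }
 
+sub _update_class {
+my ($self, %attr) = @_;
+
+$self->base->log(
+LA_NOTICE,
+"Updating ObjectClass for %s/%s: %s",
+$self->type, $self->id, join(', ', $self->_my_ldap_classes)
+);
+$self->{entry}->replace(
+'objectClass' => [ $self->_my_ldap_classes ],
+%attr,
+);
+}
+
 1;
 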
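Review bot: `_update_class` has no comment saying whether the change it makes is actually sent to the server: as far as this hunk shows it only calls `replace` on `$self->{entry}`, so the write seems to depend on a later call by the caller. A header comment such as `# Stage an objectClass replacement (plus %attr) on the entry; the caller must still push the entry to the server` would make that explicit, if that is indeed the contract. Because `%attr` is expanded after `'objectClass'`, a caller passing its own `objectClass` key would override the computed class list, which the comment should either forbid or document.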