Skip to content

Commit

Permalink
enabling / disabling account for OpenLDAP (#44)
Browse files Browse the repository at this point in the history
  • Loading branch information
David Coutadeur committed Oct 16, 2024
1 parent e049a6e commit 0e086bb
Showing 1 changed file with 46 additions and 4 deletions.
50 changes: 46 additions & 4 deletions src/Ltb/Directory/OpenLDAP.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,18 +221,60 @@ public function resetAtNextConnection($ldap, $dn) : bool {
}

public function enableAccount($ldap, $dn) : bool {
// Not implemented

$attrsToDelete = array( 'pwdAccountDisabled' => array() );

$update = \Ltb\PhpLDAP::ldap_mod_replace($ldap, $dn, $attrsToDelete);
$errno = \Ltb\PhpLDAP::ldap_errno($ldap);

if ($errno) {
error_log("LDAP - Enabling account error $errno (".\Ltb\PhpLDAP::ldap_error($ldap).")");
return false;
} else {
return true;
}
return false;
}

public function disableAccount($ldap, $dn) : bool {
// Not implemented

# Date of disabling
$currentDate = gmdate("YmdHis")."Z";

$attrs = array( 'pwdAccountDisabled' => array($currentDate) );

$update = \Ltb\PhpLDAP::ldap_mod_replace($ldap, $dn, $attrs);
$errno = \Ltb\PhpLDAP::ldap_errno($ldap);

if ($errno) {
error_log("LDAP - Disabling account error $errno (".\Ltb\PhpLDAP::ldap_error($ldap).")");
return false;
} else {
return true;
}
return false;

}

public function isAccountEnabled($ldap, $dn) : bool {
// Not implemented
return true;

# Get entry
$search = \Ltb\PhpLDAP::ldap_read($ldap, $dn, "(objectClass=*)", array('pwdAccountDisabled'));
$errno = \Ltb\PhpLDAP::ldap_errno($ldap);

if ( $errno ) {
error_log("LDAP - Search error $errno (".ldap_error($ldap).")");
return false;
} else {
$entry = \Ltb\PhpLDAP::ldap_get_entries($ldap, $search);
}

if (empty($entry[0]['pwdaccountdisabled'][0])) {
return true;
} else {
return false;
}

}

public function getLdapDate($date) : string {
Expand Down

0 comments on commit 0e086bb

Please sign in to comment.