Merge pull request #134 from ltb-project/53-display-pwdpolicysubentry
Display pwdpolicysubentry
coudot authored Jul 12, 2024
2 parents f022794 + c9f6a0f commit ca9a14c
Showing 7 changed files with 30 additions and 3 deletions.
3 changes: 3 additions & 0 deletions conf/config.inc.php
Expand Up @@ -31,6 +31,8 @@
$ldap_base = "dc=example,dc=com";
$ldap_user_base = "ou=users,".$ldap_base;
$ldap_user_filter = "(objectClass=inetOrgPerson)";
$ldap_ppolicy_filter = "(objectClass=pwdPolicy)";
$ldap_ppolicy_name_attribute = "cn";
$ldap_size_limit = 100;
#$ldap_default_ppolicy = "cn=default,ou=ppolicy,dc=example,dc=com";
$ldap_lastauth_attribute = "authTimestamp";
Expand Down Expand Up @@ -67,6 +69,7 @@
'pwdchangedtime' => array( 'attribute' => 'pwdchangedtime', 'faclass' => 'lock', 'type' => 'date' ),
'pwdfailuretime' => array( 'attribute' => 'pwdfailuretime', 'faclass' => 'lock', 'type' => 'date' ),
'pwdlastsuccess' => array( 'attribute' => 'pwdlastsuccess', 'faclass' => 'lock', 'type' => 'date' ),
'pwdpolicysubentry' => array( 'attribute' => 'pwdpolicysubentry', 'faclass' => 'lock', 'type' => 'ppolicy_dn' ),
'pwdreset' => array( 'attribute' => 'pwdreset', 'faclass' => 'lock', 'type' => 'boolean' ),
'secretary' => array( 'attribute' => 'secretary', 'faclass' => 'user-circle-o', 'type' => 'dn_link' ),
'state' => array( 'attribute' => 'st', 'faclass' => 'globe', 'type' => 'text' ),
16 changes: 14 additions & 2 deletions docs/ldap-parameters.rst
Expand Up @@ -75,8 +75,20 @@ It is advised to set a search limit on client side if no limit is set by the ser
$ldap_size_limit = 100;
Default password policy
-----------------------
Password policies
-----------------

Configure the filter to match password policy configuration objects:

.. code-block:: php
$ldap_ppolicy_filter = "(objectClass=pwdPolicy)";
Define which attribute value will be displayed as password policy name:

.. code-block:: php
$ldap_ppolicy_name_attribute = "cn";
Set ``$ldap_default_ppolicy`` value if a default policy is configured in your LDAP directory.

5 changes: 5 additions & 0 deletions htdocs/display.php
Expand Up @@ -93,6 +93,11 @@
$entry[0][$attr] = $values;
}

# Include default password policy
if ( !$entry[0]['pwdpolicysubentry'] and $ldap_default_ppolicy) {
$entry[0]['pwdpolicysubentry'][] = $ldap_default_ppolicy;
}

if ($display_edit_link) {
# Replace {dn} in URL
$edit_link = str_replace("{dn}", urlencode($dn), $display_edit_link);
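Review bot: The new condition reads `$entry[0]['pwdpolicysubentry']` and `$ldap_default_ppolicy` without checking that either exists, and the sample config in this commit leaves `$ldap_default_ppolicy` commented out. Unless a default is defined elsewhere, any deployment without a default policy would hit undefined-variable and undefined-key warnings on PHP 8 for entries that have no `pwdPolicySubentry`. Guarding with `if ( empty($entry[0]['pwdpolicysubentry']) and !empty($ldap_default_ppolicy) ) {` keeps the behaviour and stays quiet when the setting is absent. The same possibly-unset variable is passed into the `ldap_params` array in htdocs/index.php. The enclosing block starts and ends outside this hunk.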
2 changes: 1 addition & 1 deletion htdocs/index.php
Expand Up @@ -48,7 +48,7 @@

# Assign configuration variables
$smarty->assign("page_title", false);
$smarty->assign('ldap_params',array('ldap_url' => $ldap_url, 'ldap_starttls' => $ldap_starttls, 'ldap_binddn' => $ldap_binddn, 'ldap_bindpw' => $ldap_bindpw, 'ldap_user_base' => $ldap_user_base, 'ldap_user_filter' => $ldap_user_filter));
$smarty->assign('ldap_params',array('ldap_url' => $ldap_url, 'ldap_starttls' => $ldap_starttls, 'ldap_binddn' => $ldap_binddn, 'ldap_bindpw' => $ldap_bindpw, 'ldap_user_base' => $ldap_user_base, 'ldap_user_filter' => $ldap_user_filter, 'ldap_ppolicy_filter' => $ldap_ppolicy_filter, 'ldap_ppolicy_name_attribute' => $ldap_ppolicy_name_attribute, 'ldap_default_ppolicy' => $ldap_default_ppolicy));
$smarty->assign('logo',$logo);
$smarty->assign('background_image',$background_image);
$smarty->assign('custom_css',$custom_css);
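Review bot: The `ldap_params` array built here has no `ldap_network_timeout` key, yet the `ppolicy_dn` block added to templates/value_displayer.tpl in this same commit passes `{$ldap_params.ldap_network_timeout}` to `get_attribute`, so the policy-name lookup appears to run with an empty timeout value. If the configuration defines a network timeout setting, add it next to the three new keys, e.g. `'ldap_network_timeout' => $ldap_network_timeout` (variable name assumed from the template key; confirm against the config). Separately, this array carries `ldap_bindpw` into template scope, which is worth keeping in mind before enabling any template debugging output.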
1 change: 1 addition & 0 deletions lang/en.inc.php
Expand Up @@ -58,6 +58,7 @@
$messages['label_pwdaccountlockedtime'] = "Locking date";
$messages['label_pwdchangedtime'] = "Last password change";
$messages['label_pwdfailuretime'] = "Last authentication failures";
$messages['label_pwdpolicysubentry'] = "Associated password policy";
$messages['label_pwdreset'] = "Reset password at next connection";
$messages['label_secretary'] = "Secretary";
$messages['label_state'] = "State";
1 change: 1 addition & 0 deletions lang/fr.inc.php
Expand Up @@ -58,6 +58,7 @@
$messages['label_pwdaccountlockedtime'] = "Date de blocage";
$messages['label_pwdchangedtime'] = "Dernier changement de mot de passe";
$messages['label_pwdfailuretime'] = "Derniers échecs d'authentification";
$messages['label_pwdpolicysubentry'] = "Politique des mots de passe associée";
$messages['label_pwdreset'] = "Réinitialisation du mot de passe à la prochaine connexion";
$messages['label_secretary'] = "Secrétaire";
$messages['label_state'] = "État";
5 changes: 5 additions & 0 deletions templates/value_displayer.tpl
Expand Up @@ -38,6 +38,11 @@
{/if}
{/if}

{if $type eq 'ppolicy_dn'}
{assign var="name" value="{{get_attribute dn="{$value}" attribute="{$ldap_params.ldap_ppolicy_name_attribute}" ldap_url="{$ldap_params.ldap_url}" ldap_starttls="{$ldap_params.ldap_starttls}" ldap_binddn="{$ldap_params.ldap_binddn}" ldap_bindpw="{$ldap_params.ldap_bindpw}" ldap_filter="{$ldap_params.ldap_ppolicy_filter}" ldap_network_timeout="{$ldap_params.ldap_network_timeout}"}|truncate:{$truncate_value_after}}"}
{if $name}{$name}<br />{/if}
{/if}

{if $type eq 'address'}
{foreach split_value($value,'$') as $fragment}
{$fragment|truncate:{$truncate_value_after}}<br />
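Review bot: When `get_attribute` returns nothing (the policy DN does not match `ldap_ppolicy_filter`, or the bind DN cannot read that entry), the `{if $name}` guard prints nothing at all, so an operator cannot tell an account with no policy from one whose policy could not be resolved. Falling back to the raw DN makes that case visible: `{if $name}{$name}{else}{$value|truncate:{$truncate_value_after}}{/if}<br />`. Whether `{$name}` is HTML-escaped depends on the Smarty instance's escaping setting, which is not visible in this diff; since the value comes from the directory, confirm it or write `{$name|escape}`.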
