From abb56b33e0993b3c6a7f114fbd074cc59626c394 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Fri, 28 Oct 2011 14:24:56 +0200
Subject: Check password expiry times in Active Directory backend

When a user logs in, the password expiry time is checked and compared to
the $conf['auth']['ad']['expirywarn'] setting (in days). If the password
is about to expire in the specified timeframe, a warning is issued on
login.

This patch adds a new method to the adLDAP class for querying domain
parameters.
---
 inc/adLDAP.php | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'inc/adLDAP.php')

diff --git a/inc/adLDAP.php b/inc/adLDAP.php
index a64096b85..24be6e475 100644
--- a/inc/adLDAP.php
+++ b/inc/adLDAP.php
@@ -1020,6 +1020,26 @@ class adLDAP {
         return (false);
     }
 
+    /**
+     * Return info about the domain itself
+     *
+     * @authot Andreas Gohr <gohr@cosmocode.de>
+     * @param array $fields The fields to query
+     * @return array
+     */
+    public function domain_info($fields){
+        if (!$this->_bind){ return (false); }
+
+        $sr = ldap_read($this->_conn, $this->_base_dn, 'objectclass=*', $fields);
+        if (!$sr) {
+            return false;
+        }
+        $info = ldap_get_entries($this->_conn, $sr);
+        if(count($info)) return $info[0];
+
+        return false;
+    }
+
     /**
     * Determine a user's password expiry date
     *
-- 
cgit v1.2.3