From 14a7c26b85836db9a38608feff653b4b9a8dfa17 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Mon, 24 Jan 2011 14:17:15 +0100
Subject: correctly catch password policy problems in adLDAP

This patch supresses a warning in the adLDAP library when a password
change is attempted but fails due to the configured Active Directory
Password Policy. Instead of the error an Exception is thrown.

This change probably needs to be replicated in the user modification
function.

Patch sent to upstream.
---
 inc/adLDAP.php | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'inc/adLDAP.php')

diff --git a/inc/adLDAP.php b/inc/adLDAP.php
index 4c8ee5db3..a64096b85 100644
--- a/inc/adLDAP.php
+++ b/inc/adLDAP.php
@@ -1183,8 +1183,17 @@ class adLDAP {
         $add=array();
         $add["unicodePwd"][0]=$this->encode_password($password);
 
-        $result=ldap_mod_replace($this->_conn,$user_dn,$add);
-        if ($result==false){ return (false); }
+        $result=@ldap_mod_replace($this->_conn,$user_dn,$add);
+        if ($result==false){
+            $err = ldap_errno($this->_conn);
+            if($err){
+                $msg = 'Error '.$err.': '.ldap_err2str($err).'.';
+                if($err == 53) $msg .= ' Your password might not match the password policy.';
+                throw new adLDAPException($msg);
+            }else{
+                return false;
+            }
+        }
 
         return (true);
     }
-- 
cgit v1.2.3