From 222298bcee7f8e8fd98bb6fc1bcfb821ac1e55cd Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Mon, 31 Oct 2011 15:27:45 +0100
Subject: Do not send empty changes to the AD backend

This fixes password changing operations: password change and user
modification are two different operations on the AD backend - the user
modification should not be done on password only changes.
---
 inc/auth/ad.class.php | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'inc/auth')

diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php
index 9ffd3e18b..1fddad243 100644
--- a/inc/auth/ad.class.php
+++ b/inc/auth/ad.class.php
@@ -286,11 +286,13 @@ class auth_ad extends auth_basic {
         if(isset($changes['mail'])){
             $adchanges['email'] = $changes['mail'];
         }
-        try {
-            $return = $return & $this->adldap->user_modify($user,$adchanges);
-        } catch (adLDAPException $e) {
-            if ($this->cnf['debug']) msg('AD Auth: '.$e->getMessage(), -1);
-            $return = false;
+        if(count($adchanges)){
+            try {
+                $return = $return & $this->adldap->user_modify($user,$adchanges);
+            } catch (adLDAPException $e) {
+                if ($this->cnf['debug']) msg('AD Auth: '.$e->getMessage(), -1);
+                $return = false;
+            }
         }
 
         return $return;
-- 
cgit v1.2.3