Add improvements
- Find DN based on authLdapSearchFilter
- Use AuthLdapExternalDn
This version should support ad,openldap,zentyal and all with one single jar file.
Barry de Graaff committed Apr 7, 2017
1 parent 89326f8 commit 82e9efd
Showing 3 changed files with 31 additions and 18 deletions.
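--- a/nbproject/private/private.xml
+++ b/nbproject/private/private.xml
@@ -1,7 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project-private xmlns="http://www.netbeans.org/ns/project-private/1">
 <editor-bookmarks xmlns="http://www.netbeans.org/ns/editor-bookmarks/2" lastBookmarkId="0"/>
-<open-files xmlns="http://www.netbeans.org/ns/projectui-open-files/1">
-<file>file:/C:/Users/Antonio%20Messina/Documents/NetBeansProjects/ADPassword/src/it/iknowconsulting/adpassword/ADPassword.java</file>
+<open-files xmlns="http://www.netbeans.org/ns/projectui-open-files/2">
+<group>
+<file>file:/home/bar/Zimbra-Community/ADPassword/src/it/iknowconsulting/adpassword/ADPassword.java</file>
+<file>file:/home/bar/Zimbra-Community/ADPassword/src/it/iknowconsulting/adpassword/ADConnection.java</file>
+<file>file:/home/bar/Zimbra-Community/ADPassword/src/it/iknowconsulting/adpassword/ADChangePasswordListener.java</file>
+</group>
 </open-files>
 </project-private>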
Expand Up @@ -49,7 +49,7 @@ public void preModify(Account acct, String newPassword, Map context, Map<String,
}
System.setProperty("javax.net.debug", "all");
ADConnection adc = new ADConnection(domain);
adc.updatePassword(acct.getUid(), newPassword);
adc.updatePassword(acct, newPassword);
} catch (NamingException ex) {
throw AccountServiceException.PERM_DENIED(ex.toString());
}
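Review bot: `System.setProperty("javax.net.debug", "all");` is still set in `preModify` just before the password update, and it is a JVM-wide switch that makes JSSE trace every TLS connection in the process; at the `all` level the trace can include record plaintext, so the new password carried in the modify request may end up in the server's stdout log. I would drop the line, or gate it behind an explicit debug option that is off by default. Separately, `PERM_DENIED(ex.toString())` returns the raw JNDI exception text, which may carry the DN and directory error detail, to the caller; a generic message with the detail logged server-side would be safer. The enclosing method starts and ends outside the hunk.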
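--- a/src/it/iknowconsulting/adpassword/ADConnection.java
+++ b/src/it/iknowconsulting/adpassword/ADConnection.java
@@ -24,6 +24,7 @@
 
 package it.iknowconsulting.adpassword;
 
+import com.zimbra.cs.account.Account;
 import com.zimbra.cs.account.Domain;
 import java.util.Hashtable;
 import javax.naming.Context;
@@ -34,17 +35,22 @@
 import javax.naming.directory.InitialDirContext;
 import javax.naming.directory.ModificationItem;
 import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
 
 public class ADConnection {
 
 DirContext ldapContext;
 String authLdapSearchBase;
+
+//authLdapSearchFilter see readme: zmprov md domain.ext zimbraAuthLdapSearchFilter "(samaccountname=%u)"
+String authLdapSearchFilter;
 
 public ADConnection(Domain domain) throws NamingException {
 String authLdapURL = domain.getAuthLdapURL()[0];
 String authLdapSearchBindDn = domain.getAuthLdapSearchBindDn();
 String authLdapSearchBindPassword = domain.getAuthLdapSearchBindPassword();
 authLdapSearchBase = domain.getAuthLdapSearchBase();
+authLdapSearchFilter = domain.getAuthLdapSearchFilter();
 
 Hashtable ldapEnv = new Hashtable(11);
 ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
@@ -56,7 +62,8 @@ public ADConnection(Domain domain) throws NamingException {
 ldapContext = new InitialDirContext(ldapEnv);
 }
 
-public void updatePassword(String username, String password) throws NamingException {
+public void updatePassword(Account acct, String password) throws NamingException {
+String username = acct.getUid();
 String quotedPassword = "\"" + password + "\"";
 char unicodePwd[] = quotedPassword.toCharArray();
 byte pwdArray[] = new byte[unicodePwd.length * 2];
@@ -66,25 +73,27 @@ public void updatePassword(String username, String password) throws NamingExcept
 }
 ModificationItem[] mods = new ModificationItem[1];
 mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("UnicodePwd", pwdArray));
-ldapContext.modifyAttributes("cn=" + username + "," + authLdapSearchBase, mods);
+
+//if ExternalDN is set for the user in Zimbra, use that, otherwise fetch the DN
+if ("".equals(acct.getAuthLdapExternalDn()))
+{
+ldapContext.modifyAttributes(fetchUser(username), mods);
+}
+else
+{
+ldapContext.modifyAttributes(acct.getAuthLdapExternalDn(), mods);
+}
 }
 
-NamingEnumeration get(String searchFilter) throws NamingException {
-String returnedAttrs[]={"givenName","sn","name","sAMAccountName","userPrincipalName","mail","userAccountControl"};
+String fetchUser(String username) throws NamingException {
+String returnedAttrs[]={"dn"};
 SearchControls searchControls = new SearchControls();
 searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
 searchControls.setReturningAttributes(returnedAttrs);
+String searchFilter = authLdapSearchFilter.replace("%u",username);
 NamingEnumeration results = ldapContext.search(authLdapSearchBase, searchFilter, searchControls);
-return results;
-}
-
-public NamingEnumeration getUsers() throws NamingException {
-String searchFilter = "(userPrincipalName=*)";
-return get(searchFilter);
-}
-
-public NamingEnumeration fetchUser(String uid) throws NamingException {
-String searchFilter = "(sAMAccountName="+uid+")";
-return get(searchFilter);
+
+SearchResult sr = (SearchResult) results.next();
+return sr.getNameInNamespace();
 }
 }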
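Review bot: In `fetchUser`, `authLdapSearchFilter.replace("%u",username)` places the uid into the search filter unescaped, so a uid containing filter metacharacters such as `*`, `(`, `)` or `\` changes which entry the SUBTREE search matches, and whichever entry comes back first then receives the new password. The same method calls `results.next()` without `hasMore()`, which throws an unchecked `NoSuchElementException` when nothing matches, silently picks one entry when several match, and never closes the enumeration. In `updatePassword`, `"".equals(acct.getAuthLdapExternalDn())` passes a null DN to `modifyAttributes` if the getter returns null for an unset attribute (not visible here, worth confirming), so the guard should treat null and empty alike. A `fetchUser` that passes the uid through JNDI's filter arguments and requires exactly one match is sketched below.

```java
String fetchUser(String username) throws NamingException {
    // … unchanged: returnedAttrs and SearchControls setup …
    // JNDI fills {0} from filterArgs and escapes filter metacharacters in string arguments
    String filterExpr = authLdapSearchFilter.replace("%u", "{0}");
    NamingEnumeration<SearchResult> results =
            ldapContext.search(authLdapSearchBase, filterExpr, new Object[] {username}, searchControls);
    try {
        if (!results.hasMore()) {
            throw new NamingException("no directory entry matches the account");
        }
        String dn = results.next().getNameInNamespace();
        if (results.hasMore()) {
            // refuse to guess which entry should get the new password
            throw new NamingException("search filter matches more than one entry");
        }
        return dn;
    } finally {
        results.close();
    }
}
```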
