Server IP : 103.119.228.120 / Your IP : 3.144.122.20 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/local/ssl/local/ssl/local/ssl/local/share/perl5/Net/LDAP/Extra/ |
Upload File : |
package Net::LDAP::Extra::AD; use strict; use Encode; use Exporter qw(import); use Net::LDAP::RootDSE; our $VERSION = '0.04'; our @EXPORT = qw(is_AD is_ADAM reset_ADpassword change_ADpassword); sub is_AD { my $self = shift; my $rootdse = $self->root_dse(attrs => [ qw/supportedCapabilities/ ]) or return undef; return (grep { $_ eq '1.2.840.113556.1.4.800' } $rootdse->get_value('supportedCapabilities')) ? 1 : 0; } sub is_ADAM { my $self = shift; my $rootdse = $self->root_dse(attrs => [ qw/supportedCapabilities/ ]) or return undef; return (grep { $_ eq '1.2.840.113556.1.4.1851' } $rootdse->get_value('supportedCapabilities')) ? 1 : 0; } sub reset_ADpassword { my ($self, $dn, $newpw, %opt) = @_; my %attrs; $attrs{unicodePwd} = encode('utf16le', '"'.decode('utf8', $newpw).'"'); $attrs{pwdLastSet} = 0 if ($opt{force_change}); $self->modify($dn, replace => \%attrs); } sub change_ADpassword { my ($self, $dn, $oldpw, $newpw) = @_; $oldpw = encode('utf16le', '"'.decode('utf8', $oldpw).'"'); $newpw = encode('utf16le', '"'.decode('utf8', $newpw).'"'); $self->modify($dn, changes => [ delete => [ unicodePwd => $oldpw ], add => [ unicodePwd => $newpw ] ]); } 1; __END__ =head1 NAME Net::LDAP::Extra::AD -- AD convenience methods =head1 SYNOPSIS use Net::LDAP::Extra qw(AD); $ldap = Net::LDAP->new( ... ); ... if ($ldap->is_AD || $ldap->is_ADAM) { $ldap->change_ADpassword($dn, $old_password, $new_password); } =head1 DESCRIPTION Net::LDAP::Extra::AD tries to spare users the necessity to reinvent the wheel again and again in order to correctly encode password strings so that they can be used in AD password change operations. To do so, it provides the following methods: =head1 METHODS =over 4 =item is_AD ( ) Tell if the LDAP server queried is an Active Directory Domain Controller. As the check is done by querying the root DSE of the directory, it works without being bound to the directory. =item is_ADAM ( ) Tell if the LDAP server queried is running AD LDS (Active Directory Lightweight Directory Services), previously known as ADAM (Active Directoy Application Mode). As the check is done by querying the root DSE of the directory, it works without being bound to the directory. =item change_ADpassword ( DN, OLD_PASSWORD, NEW_PASSWORD ) Change the password of the account given by I<DN> from its old value I<OLD_PASSWORD> to the new value I<NEW_PASSWORD>. This method requires encrypted connections. =item reset_ADpassword ( DN, NEW_PASSWORD, OPTIONS ) Reset the password of the account given by I<DN> to the value given in I<NEW_PASSWORD>. OPTIONS is a list of key/value pairs. The following keys are recognized: =over 4 =item force_change If TRUE, the affected user is required to change the password at next login. =back For this method to work, the caller needs to be bound to AD with sufficient permissions, and the connection needs to be encrypted. =back =head1 AUTHOR Peter Marschall E<lt>peter@adpm.de<gt> =head1 COPYRIGHT Copyright (c) 2012 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.