- Password plugin: added ldap_force_replace option (#1486014)

git-svn-id: https://svn.roundcube.net/trunk@2817 208e9e7b-5314-0410-a742-e7e81cd9613c

2 files changed, 7 insertions, 1 deletions

diff --git a/roundcubemail/plugins/password/config.inc.php.dist b/roundcubemail/plugins/password/config.inc.php.dist
index 7bcd31be2..abe2749b6 100644
--- a/roundcubemail/plugins/password/config.inc.php.dist
+++ b/roundcubemail/plugins/password/config.inc.php.dist
@@ -105,4 +105,10 @@ $rcmail_config['password_ldap_encodage'] = 'crypt';
 // Default: 'userPassword'
 $rcmail_config['password_ldap_pwattr'] = 'userPassword';
 
+// LDAP password force replace
+// Force LDAP replace in cases where ACL allows only replace not read
+// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
+// Default: true
+$rcmail_config['password_ldap_force_replace'] = true;
+
 ?>
diff --git a/roundcubemail/plugins/password/drivers/ldap.php b/roundcubemail/plugins/password/drivers/ldap.php
index 7e92ea525..108782624 100644
--- a/roundcubemail/plugins/password/drivers/ldap.php
+++ b/roundcubemail/plugins/password/drivers/ldap.php
@@ -54,7 +54,7 @@ function password_save($curpass, $passwd)
     // Writing new crypted password to LDAP
     $userEntry = $ldap->getEntry($userDN);
     if (Net_LDAP2::isError($userEntry)) {return PASSWORD_CONNECT_ERROR;}
-    if (!$userEntry->replace(array($rcmail->config->get('password_ldap_pwattr') => $newCryptedPassword))) {return PASSWORD_CONNECT_ERROR;}
+    if (!$userEntry->replace(array($rcmail->config->get('password_ldap_pwattr') => $newCryptedPassword),$rcmail->config->get('password_ldap_force_replace'))) {return PASSWORD_CONNECT_ERROR;}
     if (Net_LDAP2::isError($userEntry->update())) {return PASSWORD_CONNECT_ERROR;}
     
     // All done, no error