summaryrefslogtreecommitdiff
path: root/internal/authentication/ldap_user_provider.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/authentication/ldap_user_provider.go')
-rw-r--r--internal/authentication/ldap_user_provider.go22
1 files changed, 16 insertions, 6 deletions
diff --git a/internal/authentication/ldap_user_provider.go b/internal/authentication/ldap_user_provider.go
index 0fcc6a874..576aa787e 100644
--- a/internal/authentication/ldap_user_provider.go
+++ b/internal/authentication/ldap_user_provider.go
@@ -342,20 +342,30 @@ func (p *LDAPUserProvider) UpdatePassword(inputUsername string, newPassword stri
return fmt.Errorf("Unable to update password. Cause: %s", err)
}
- modifyRequest := ldap.NewModifyRequest(profile.DN, nil)
-
- switch p.configuration.Implementation {
- case schema.LDAPImplementationActiveDirectory:
+ switch {
+ case p.supportExtensionPasswdModify:
+ modifyRequest := ldap.NewPasswordModifyRequest(
+ profile.DN,
+ "",
+ newPassword,
+ )
+
+ err = conn.PasswordModify(modifyRequest)
+ case p.configuration.Implementation == schema.LDAPImplementationActiveDirectory:
+ modifyRequest := ldap.NewModifyRequest(profile.DN, nil)
utf16 := unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM)
// The password needs to be enclosed in quotes
// https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/6e803168-f140-4d23-b2d3-c3a8ab5917d2
pwdEncoded, _ := utf16.NewEncoder().String(fmt.Sprintf("\"%s\"", newPassword))
modifyRequest.Replace("unicodePwd", []string{pwdEncoded})
+
+ err = conn.Modify(modifyRequest)
default:
+ modifyRequest := ldap.NewModifyRequest(profile.DN, nil)
modifyRequest.Replace("userPassword", []string{newPassword})
- }
- err = conn.Modify(modifyRequest)
+ err = conn.Modify(modifyRequest)
+ }
if err != nil {
return fmt.Errorf("Unable to update password. Cause: %s", err)