public function updateUser($oldID, $newID, $credentials, $olddn = null, $newdn = null)
{
if (!empty($this->_params['ad'])) {
throw new Horde_Auth_Exception(__CLASS__ . ': Updating users is not supported for Active Directory.');
}
if (is_null($olddn)) {
/* Search for the user's full DN. */
try {
$dn = $this->_ldap->findUserDN($oldID);
} catch (Horde_Exception_Ldap $e) {
throw new Horde_Auth_Exception($e);
}
$olddn = $dn;
$newdn = preg_replace('/uid=.*?,/', 'uid=' . $newID . ',', $dn, 1);
$shadow = $this->_lookupShadow($dn);
/* If shadowmin hasn't yet expired only change when we are
administrator */
if ($shadow['shadowlastchange'] && $shadow['shadowmin'] && $shadow['shadowlastchange'] + $shadow['shadowmin'] > time() / 86400) {
throw new Horde_Auth_Exception('Minimum password age has not yet expired');
}
/* Set the lastchange field */
if ($shadow['shadowlastchange']) {
$entry['shadowlastchange'] = floor(time() / 86400);
}
/* Encrypt the new password */
$entry['userpassword'] = Horde_Auth::getCryptedPassword($credentials['password'], '', $this->_params['encryption'], 'true');
} else {
$entry = $credentials;
unset($entry['dn']);
}
try {
if ($oldID != $newID) {
$this->_ldap->move($olddn, $newdn);
$this->_ldap->modify($newdn, array('replace' => $entry));
} else {
$this->_ldap->modify($olddn, array('replace' => $entry));
}
} catch (Horde_Ldap_Exception $e) {
throw new Horde_Auth_Exception(sprintf(__CLASS__ . ': Unable to update user "%s"', $newID));
}
}