Set sasl password for SSO as well

author: Markus Krogh <markus@nordu.net> 2019-02-07 13:39:06 +0100
committer: Markus Krogh <markus@nordu.net> 2019-02-07 13:39:06 +0100
commit: ee7e9422674f449fd8571c8d359afbe862fa6676 (patch)
tree: d2f2ab07c06d8d63913a8752fb4b9d7fe6357294 /ldap.go
parent: 7f437db53b49339615bbad9813e8beee522de493 (diff)
1 files changed, 19 insertions, 1 deletions
diff --git a/ldap.go b/ldap.go
index e8a72ed..7b6feec 100644
--- a/ldap.go
+++ b/ldap.go
@@ -224,4 +224,22 @@ func calculateFingerprint(ssh_key string) string {
 	//return fmt.Sprintf("SHA256:%x", fingerprint)
 }
 
-//// set_nordunet_ldap_pw_sasl used on sso pw set if change pw fail?
+func (i *LdapInfo) SetSASLPassword(username string) error {
+	l, err := i.LdapConnectBind()
+	if err != nil {
+		return err
+	}
+	defer l.Close()
+
+	sasl := fmt.Sprintf("{SASL}%s@%s", username, pwman.Krb5Conf.Realm)
+
+	change := ldap.NewModifyRequest(i.UserDN(username))
+	change.Replace("userPassword", []string{sasl})
+
+	err = l.Modify(change)
+	if err != nil {
+		return err
+	}
+	log.Println("[INFO] changed ldap password to SASL for", username)
+	return nil
+}
author	Markus Krogh <markus@nordu.net>	2019-02-07 13:39:06 +0100
committer	Markus Krogh <markus@nordu.net>	2019-02-07 13:39:06 +0100
commit	ee7e9422674f449fd8571c8d359afbe862fa6676 (patch)
tree	d2f2ab07c06d8d63913a8752fb4b9d7fe6357294 /ldap.go
parent	7f437db53b49339615bbad9813e8beee522de493 (diff)