Commit e611d3d1 authored by Joel Rennich's avatar Joel Rennich

password override

parent 5b1bbbbb
Pipeline #50082316 passed with stage
in 1 minute and 57 seconds
......@@ -20,6 +20,8 @@ enum HintType: String, CaseIterable {
case uid
case gid
case kerberos_principal
case passwordOverride // stmop on the password
}
// attribute statics
......
......@@ -54,8 +54,15 @@ class LocalCheckAndMigrate : ContextAndHintHandling, DSQueryable {
} else {
os_log("Local name matches, but not password", log: uiLog, type: .default)
return .syncPassword
if getManagedPreference(key: .PasswordOverwriteSilent) as? Bool ?? false {
// set the hint and return complete
setHint(type: .passwordOverride, hint: true)
return .complete
} else {
return .syncPassword
}
}
} catch DSQueryableErrors.notLocalUser {
os_log("User is not a local user", log: uiLog, type: .default)
......
......@@ -86,6 +86,10 @@ enum Preferences: String, CaseIterable {
/// A filesystem path to an image to set the user profile image to as a `String`
case UserProfileImage
//Messages
case MessagePasswordSync // what to show when the password needs to sync
//UserInput bits
case UserInputOutputPath
......@@ -93,6 +97,11 @@ enum Preferences: String, CaseIterable {
case UserInputLogo
case UserInputTitle
case UserInputMainText
//Password update keys
case PasswordOverwriteSilent // will silently update user password to new one
case PasswordOverwriteOptional // allow the user to stomp on the password if interested
}
func printAllPrefs(writeOut: Bool=false) {
......
......@@ -12,7 +12,7 @@ import NoMAD_ADAuth
/// Mechanism to create a local user and homefolder.
class CreateUser: NoLoMechanism {
class CreateUser: NoLoMechanism, DSQueryable {
//MARK: - Properties
let session = ODSession.default()
......@@ -87,6 +87,18 @@ class CreateUser: NoLoMechanism {
// no user to create
os_log("Skipping local account creation", log: createUserLog, type: .default)
// check to see if we need to overwrite the password
if (getHint(type: .passwordOverride) as? String == "true") {
os_log("Attempting to override user password.", log: createUserLog)
do {
let localUserRecord = try getLocalRecord(nomadUser ?? "NONE")
try localUserRecord.changePassword(nil, toPassword: nomadPass)
} catch {
os_log("Unable to override user password", log: createUserLog)
}
}
// Set the login timestamp if requested
setTimestampFor(nomadUser as? String ?? "")
......@@ -339,6 +351,8 @@ class CreateUser: NoLoMechanism {
return "English" + templateName
case "fr":
return "French" + templateName
case "de":
return "German" + templateName
case "it":
return "Italian" + templateName
case "ja":
......
......@@ -558,7 +558,7 @@ class SignIn: NSWindowController, DSQueryable {
if self.didUpdateFail == true {
self.migrateText.stringValue = "Invalid password. Try again."
} else {
self.migrateText.stringValue = "Active Directory password does not match local password. Please enter your previous local password to update it."
self.migrateText.stringValue = getManagedPreference(key: .MessagePasswordSync) as? String ?? "Active Directory password does not match local password. Please enter your previous local password to update it."
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment