mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-30 17:13:19 -05:00
Merge pull request #5366 from Ylianst/ldap-changepassword-temp-fix
deny sspi and ldap password change
This commit is contained in:
commit
b087ed0f50
@ -1821,6 +1821,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
// If this account is settings locked, return here.
|
// If this account is settings locked, return here.
|
||||||
if ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 1024) != 0)) return;
|
if ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 1024) != 0)) return;
|
||||||
|
|
||||||
|
// Do not allow change password if sspi or ldap
|
||||||
|
if ((domain.auth == 'sspi') || (domain.auth == 'ldap')) return;
|
||||||
|
|
||||||
// Change our own password
|
// Change our own password
|
||||||
if (common.validateString(command.oldpass, 1, 256) == false) break;
|
if (common.validateString(command.oldpass, 1, 256) == false) break;
|
||||||
if (common.validateString(command.newpass, 1, 256) == false) break;
|
if (common.validateString(command.newpass, 1, 256) == false) break;
|
||||||
|
Loading…
Reference in New Issue
Block a user