--- loncom/lonnet/perl/lonnet.pm	2001/12/28 19:48:42	1.195
+++ loncom/lonnet/perl/lonnet.pm	2002/01/04 16:31:41	1.197
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.195 2001/12/28 19:48:42 www Exp $
+# $Id: lonnet.pm,v 1.197 2002/01/04 16:31:41 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -65,6 +65,8 @@
 # 12/6,12/7,12/12 Gerd Kortemeyer
 # 12/18 Scott Harrison
 # 12/21,12/22,12/27,12/28 Gerd Kortemeyer
+# YEAR=2002
+# 1/4 Gerd Kortemeyer
 #
 ###
 
@@ -1704,14 +1706,25 @@ sub assignrole {
 }
 
 # -------------------------------------------------- Modify user authentication
+# Overrides without validation
+
 sub modifyuserauth {
     my ($udom,$uname,$umode,$upass)=@_;
     my $uhome=&homeserver($uname,$udom);
-    &logthis('Call to modify user authentication'.$udom.', '.$uname.', '.
+    unless (&allowed('mau',$udom)) { return 'refused'; }
+    &logthis('Call to modify user authentication '.$udom.', '.$uname.', '.
              $umode.' by '.$ENV{'user.name'}.' at '.$ENV{'user.domain'});  
     my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.
 		     &escape($upass),$uhome);
+    &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.home'},
+        'Authentication changed for '.$udom.', '.$uname.', '.$umode.
+         '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
+    &log($udom,,$uname,$uhome,
+        'Authentication changed by '.$ENV{'user.domain'}.', '.
+                                     $ENV{'user.name'}.', '.$umode.
+         '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
     unless ($reply eq 'ok') {
+        &logthis('Authentication mode error: '.$reply);
 	return 'error: '.$reply;
     }   
     return 'ok';
@@ -1721,10 +1734,11 @@ sub modifyuserauth {
 
 
 sub modifyuser {
-    my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene)=@_;
+    my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,
+        $forceid)=@_;
     &logthis('Call to modify user '.$udom.', '.$uname.', '.$uid.', '.
              $umode.', '.$first.', '.$middle.', '.
-	     $last.', '.$gene.' by '.
+	     $last.', '.$gene.'(forceid: '.$forceid.') by '.
              $ENV{'user.name'}.' at '.$ENV{'user.domain'});  
     my $uhome=&homeserver($uname,$udom);
 # ----------------------------------------------------------------- Create User
@@ -1762,7 +1776,8 @@ sub modifyuser {
     if ($uid) {
        $uid=~tr/A-Z/a-z/;
        my %uidhash=&idrget($udom,$uname);
-       if (($uidhash{$uname}) && ($uidhash{$uname}!~/error\:/)) {
+       if (($uidhash{$uname}) && ($uidhash{$uname}!~/error\:/) 
+         && (!$forceid)) {
 	  unless ($uid eq $uidhash{$uname}) {
 	      return 'error: mismatch '.$uidhash{$uname}.' versus '.$uid;
           }
@@ -1791,14 +1806,14 @@ sub modifyuser {
 
 sub modifystudent {
     my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,
-        $end,$start)=@_;
+        $end,$start,$forceid)=@_;
     my $cid='';
     unless ($cid=$ENV{'request.course.id'}) {
 	return 'not_in_class';
     }
 # --------------------------------------------------------------- Make the user
     my $reply=&modifyuser
-	($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene);
+	($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$forceid);
     unless ($reply eq 'ok') { return $reply; }
     my $uhome=&homeserver($uname,$udom);
     if (($uhome eq '') || ($uhome eq 'no_host')) {