disable "account_lid" input, if backend (eg. AD) does not allow changing it

admin/inc/class.uiaccounts.inc.php

@@ -1424,7 +1424,10 @@
 			$var = Array(
 				'input_expires' 	=> $jscal->input('expires',$userData['expires']<0?'':($userData['expires']?$userData['expires']:time()+(60*60*24*7))),
 				'lang_never'    	=> lang('Never'),
-				'account_lid'   	=> $accountPrefix.'<input id="account" onchange="check_account_email(this.id);" name="account_lid" maxlength="64" value="' . $userData['account_lid'] . '">',
+				'account_lid'   	=> $accountPrefix.html::input('account_lid', $userData['account_lid'], '',
+					'id="account" onchange="check_account_email(this.id);" maxlength="64"'.
+					// disable account_lid input, if backend does not allow to change it
+					($GLOBALS['egw']->accounts->change_account_lid_allowed() ? '' : ' disabled="disabled"')),
 				'lang_homedir'  	=> $lang_homedir,
 				'lang_shell'    	=> $lang_shell,
 				'homedirectory' 	=> $homedirectory,

phpgwapi/inc/class.accounts.inc.php

@@ -948,6 +948,18 @@ class accounts
 		return $this->backend->update_lastlogin($account_id, $ip);
 	}
 
+	/**
+	 * Query if backend allows to change username aka account_lid
+	 *
+	 * @return boolean false if backend does NOT allow it (AD), true otherwise (SQL, LDAP)
+	 */
+	function change_account_lid_allowed()
+	{
+		$change_account_lid = constant(get_class($this->backend).'::CHANGE_ACCOUNT_LID');
+		if (!isset($change_account_lid)) $change_account_lid = true;
+		return $change_account_lid;
+	}
+
 	function list_methods($_type='xmlrpc')
 	{
 		if (is_array($_type))

phpgwapi/inc/class.accounts_ads.inc.php

@@ -58,6 +58,11 @@ class accounts_ads
 	 */
 	const EXPIRES_NEVER = '9223372036854775807';
 
+	/**
+	 * AD does NOT allow to change sAMAccountName / account_lid
+	 */
+	const CHANGE_ACCOUNT_LID = false;
+
 	/**
 	 * Attributes to query to be able to generate account_id and account_lid
 	 *