2

I've recently enabled LDAP based authentication on my domain. This has allowed us to use a single set of credentials to administer the blog, the forum and the wiki.

Unfortunately, this has come at the cost of users being able to change their own passwords.

Ideally, users would be able to visit a page (i.e. mydomain.com/account), authenticate and then change their password.

Does anyone know of a script or app that will allow me to do this quickly and easily? I guess it wouldn't be hard to write in PHP, but I'd prefer not to have the hassle.

Tom Wright
  • 914
  • 3
  • 12
  • 25
  • Cross posted: http://webmasters.stackexchange.com/questions/2975/is-there-an-app-script-i-can-deploy-to-enable-my-users-to-change-their-own-ldap-p – Tom Wright Sep 12 '10 at 14:23

4 Answers4

4

I you might be interested in phpLdapPassword.

phpLdapPasswd is a system that allows certain password management functions to be initiated from a standard web browser. As the name suggests, phpLdapPasswd is designed to integrate with an LDAP directory. The core functionality includes password changes and password resets. Templates, CSS directives and external functions allow for a high degree of flexibility in how phpLdapPasswd looks and acts. However, quick deployments are also possible by using the included default files and settings.

Tim Bielawa
  • 656
  • 4
  • 6
  • Hmmm... first item in the webpage: "NOTE: phpLdapPasswd is NO LONGER being maintained or supported" – Jason S Sep 29 '11 at 19:30
3

I found phpLdapPasswd the most flexible solution.

As the original site of phpLdapPasswd is down and Karyl discontinued development, I added a separate github project: https://github.com/koppor/phpLdapPasswd

koppor
  • 201
  • 5
  • 11
2

I've coded one a little while ago and blogged about it. It enforces a 6 characters password with a minimum of 1 special character. The blog post is in french, but the code is commented in english.

blog post: http://jve.linuxwall.info/blog/index.php?post/2009/03/15/Changer-un-mot-de-passe-LDAP tar with the php: http://jve.linuxwall.info/ressources/code/ldapchangepasswd.tar

Feel free to contact me if some of the functions are unclear

Julien Vehent
  • 2,927
  • 18
  • 26
1

What you need to do is bind as the user's DN, with the old password, and then modify: userPassword with the new password value.

Pretty much any script that does that should work.

geoffc
  • 2,135
  • 5
  • 25
  • 37
  • This doesn't help so much with expired passwords (if your LDAP system has date-based expirations), but the general approach is the classic one for building password-change scripts. – Johnnie Odom Sep 12 '10 at 22:39