I am trying to use the ldappasswd -s option to set a users password but if I use certain characters i.e. '$&() it won't run the command because of the special characters, if I enclose the whole password in double quotes it at least accepts the command but it doesn't change the password correctly because I can't login using the new password. If I run the ldappasswd -S so it prompts and I manually enter the same password it sets it correctly and I can then login with the new password. What is the difference on how the -s and -S sets the password. I need to use the -s for a webpage that I have setting the password. Thank you
--On Tuesday, August 28, 2007 1:47 PM -0400 Rick Tautin rtautin@coppolaenterprises.net wrote:
I'd think in the first case (with -s) it is including the quotes as a part of the password. It is often inadvisable to use binaries in things like web pages. Why not use Net::LDAPapi or Net::LDAP (both perl) or PHP to do the password change?
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount wrote:
Why not use Net::LDAPapi or Net::LDAP (both perl) or PHP to do the password change?
PHP can't do ldap exops (without my patch: http://www.sys-net.it/~ando/Download/#PHP).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
--On Tuesday, August 28, 2007 8:16 PM +0200 Pierangelo Masarati ando@sys-net.it wrote:
Ah.. Have you filed a bug with the PHP folks? ;)
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Quanah Gibson-Mount wrote:
Well, I tried, but got bounced with arguments like:
- too many functions for a functionality (support for generic controls in requests & responses; support for well-known controls, from either RFCs or I.D.s; support for generic extended operations and extended responses; support for well-known extended operations from RFCs or I.D.s)
- function naming not intuitive (mutuated from the underlying libldap)
- I made the mistake of using ldap_sasl_bind, which contains SASL it its name; since my patch had nothing to do with SASL, this caused rejection.
I could not argue to this, but I routinely get feedback from people that download my patch and ask when is it going to be included in PHP. Note that my patch is maintained for PHP HEAD, but it applies almost straightforward back to PHP 4, which is (finally) being dismissed this year. This is to mention how well maintained LDAP support is. I even offered to become the maintainer myself, instead of those braindead who (don't) take care of it right now. Probably, I'm not competent enough.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
Pierangelo Masarati wrote:
Yeah, I don't think you have the experience to be honest. PHP is for expert programmers, not C hackers. You should know that!
;-)
On Tuesday 28 August 2007 19:47:13 Rick Tautin wrote:
I am trying to use the ldappasswd -s option to set a users password ... I need to use the -s for a webpage that I have setting the password.
Besides the problems in actually setting the password, you need to be careful with security issues here of course ...
openldap-software@openldap.org