On Tue, Jul 27, 2010 at 8:22 AM, Buchan Milne bgmilne@staff.telkomsa.net wrote:
On Friday, 23 July 2010 21:49:36 Steven Truong wrote:
Dear, all. I have been searching low and high for a tool that can let users to change their passwords in 389 DS or OpenLDAP? I think there is a real need for such a tool and I hope that people already wrote such a tool...
Please share your ways of how you allow your users to change their passwords or other setup/architecture that allow this function.
Beside that, I also recommend Apache Studio as a great tool to work with LDAP servers..... Thank you in advance.
For users who don't authenticate via PAM or similar, I wrote a simple perl CGI (which supports ppolicy):
http://staff.telkomsa.net/~bgmilne/ldap/ldap-passwd.pl
I use it in conjunction with a script to notify users of their impending password expiry:
http://staff.telkomsa.net/~bgmilne/ldap/find-ldap-expired.pl
They share config files, but you can use the first without the 2nd.
I have only used it against OpenLDAP so far, but I might need to add support for AD soon ...
Regards, Buchan
Thank you very much for your responses. Those were some very valuable information and I am definitely going to try some of your suggestions....