On Friday 12 June 2009 16:31:50 Gustavo Mendes de Carvalho wrote:
Hi Tizo,
Suposed that your users has to login in some linux/Unix machine using their LDAP accounts, I sugest you to create some binary or script to allow your users to change their passwords invoking ldappasswd command.
I mean, you can create a C program or shell script or even a PHP page,
Since PHP doesn't support LDAP controls, PHP is a bad choice for this.
to validate some weaks in their passwords, like min length, capital letters, numbers, and so on.
The best place to implement the password policy is on the LDAP server, since it is more flexible (multiple policies) and applies to all applications changing passwords.
I use the attached perl script as a CGI (to allow users to check and change their password).
Regards, Buchan