[Tickets #3229] RESOLVED: cannot change ldap password without anonymous bind allowed

bugs@bugs.horde.org bugs at bugs.horde.org
Sun Jan 15 09:55:23 PST 2006


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/?id=3229
-----------------------------------------------------------------------
 Ticket             | 3229
 Updated By         | mi.braun at onlinehome.de
 Summary            | cannot change ldap password without anonymous bind allowed
 Queue              | Passwd
 Version            | HEAD
 State              | Resolved
 Priority           | 2. Medium
 Type               | Bug
 Owners             | Jan Schneider
-----------------------------------------------------------------------


mi.braun at onlinehome.de (2006-01-15 09:55) wrote:

Okay, I don't need guestdn for the following reason:
The password can only be changed by admindn or by the user himself.
So if the user can connect, then he can determine his own dn. This binding
needs to be possible, as ldap login does the same. But ldap login uses the
_passwd_username_hook.
Otherwise the admin can connect and he should be able to determine the
userdn too.

So if checking for userdn existance uses the _passwd_username_hook, it
should be fine.
I proposed such a patch in bug 2756.




More information about the bugs mailing list