[Tickets #3229] RESOLVED: cannot change ldap password without anonymous bind allowed
bugs@bugs.horde.org
bugs at bugs.horde.org
Sun Jan 15 09:55:23 PST 2006
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=3229
-----------------------------------------------------------------------
Ticket | 3229
Updated By | mi.braun at onlinehome.de
Summary | cannot change ldap password without anonymous bind allowed
Queue | Passwd
Version | HEAD
State | Resolved
Priority | 2. Medium
Type | Bug
Owners | Jan Schneider
-----------------------------------------------------------------------
mi.braun at onlinehome.de (2006-01-15 09:55) wrote:
Okay, I don't need guestdn for the following reason:
The password can only be changed by admindn or by the user himself.
So if the user can connect, then he can determine his own dn. This binding
needs to be possible, as ldap login does the same. But ldap login uses the
_passwd_username_hook.
Otherwise the admin can connect and he should be able to determine the
userdn too.
So if checking for userdn existance uses the _passwd_username_hook, it
should be fine.
I proposed such a patch in bug 2756.
More information about the bugs
mailing list