[horde] SOLVED: changing LDAP passwords using horde/passwd
A. Schulze
sca at andreasschulze.de
Fri Sep 5 08:34:43 UTC 2014
Hello,
in Nov 2013 there was a question on this list about $subject
http://lists.horde.org/archives/horde/Week-of-Mon-20131118/050046.html
Now I finally found a working setup for horde/passwd-5.0.1
Problem:
horde/passwd allow changes only if users ldap dn could be constructed.
( see file horde/passwd/lib/Driver/Ldap.php, Line 108 ff. )
I changed Line 110 to call findUserDN ( trivial patch attached )
Now I only need to define the backend:
$ cat horde/passwd/config/backends.local.php
<?php
$backends['ldap']['disabled'] = false;
$backends['ldap']['logout'] = true;
$backends['ldap']['params']['host'] = 'ldaps://ldap.example.org';
$backends['ldap']['params']['basedn'] = 'dc=example,dc=org';
// undocumented magic: how to find a userdn
$backends['ldap']['params']['user']['objectclass'] = 'MYOBJECTCLASS';
$backends['ldap']['params']['user']['uid'] = 'MYUID';
$
the last two lines and the patch make horde to search a dn, rebind and
then write a new userPassword Attribute.
Of course the ldapserver must allow the user write it's on password
attribute...
conn=2437 op=4 SRCH base="dc=example,dc=org" scope=2 deref=0
filter="(&(objectClass=MYOBJECTCLASS)(MYUID=user at example.org))"
conn=2437 op=4 SRCH attr=MYUID
conn=2437 op=4 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=2437 op=5 BIND dn="id=4711,ou=testuser,dc=example,dc=org" method=128
conn=2437 op=5 BIND dn="id=4711,ou=testuser,dc=example,dc=org"
mech=SIMPLE ssf=0
conn=2437 op=5 RESULT tag=97 err=0 text=
conn=2437 op=6 SRCH base="id=4711,ou=testuser,dc=example,dc=org"
scope=0 deref=0 filter="(objectClass=*)"
conn=2437 op=6 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=2437 op=7 MOD dn="id=4711,ou=testuser,dc=example,dc=org"
conn=2437 op=7 MOD attr=userPassword
conn=2437 op=7 RESULT tag=103 err=0 text=
conn=2437 op=8 UNBIND
Andreas.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: horde_passwd_ldap.patch
Type: text/x-diff
Size: 604 bytes
Desc: not available
URL: <http://lists.horde.org/archives/horde/attachments/20140905/d7a7c3fb/attachment.bin>
More information about the horde
mailing list