Changing LDAP User’s Password Web-Based / 389-ds / Redhat-ds / Fedora-DS / LDAP

Hello,

This article will show you how to change password of LDAP Users.

In This Article, I have demonstrated that How to change your Password for those users which are in 389-ds or Redhat-ds.

This is very simple you just need to change few parameters and You will able to change password of Ldap users from 389-ds.

Note :- If you have not Customized LDAP Attributes or Access Rights for Changing Password then it will work, I have Successfully tested the same on RHEL / CentOS 5.x / CentOS 6.x / RHEL 6.x and 389-ds.

Perform Following steps for the same.

Step 1:- Make Sure your LDAP Configured and You have correct Suffix ( i.e dc=tejasbarot,dc=com )

Step 2 :- Make Sure php-ldap Package is installed.

[root@tejas-barot-linux-support-ahmedabad ~]# yum install php-ldap

Step 3 :- Download the Following PHP Script, Thanks to the Original Script I have Modified Suffix for Understanding Purpose.

[root@tejas-barot-linux-support-ahmedabad ~]# wget -c http://www.tejasbarot.com/Scripts/ldap_pass_change.phps

Steps 4:- Now Rename the Script from ldap_pass_change.phps to ldap_pass_change.php

Step 5 :- Now Modify the Suffix in .php file, Open PHP File and Modify 3rd Line which Contains $dn

Change $dn 
from 
$dn = "dc=tejasbarot,dc=com"
TO
$dn = "dc=your,dc=suffix"
Save and Exit from File

Step 6:- Put this Script to your WebRoot Directory (i.e. /var/www/html/ )

Step 7:- Make Sure That PHP Script is executable by your Webserver through URL (i.e. http://ldap.tejasbarot.com or http://localhost/ldap_pass_change.php or http://192.168.1.10/ldap_pass_change.php )

You will able to see Following Screen :-

LDAP Change Password

LDAP Change Password

 

Step 6:- Now Put Values Like Below Screen Shot :-

 

Fill the Text Boxes

Fill the Text Boxes

 

Step 7 :- Once Password get changed, You will get a Notifications like below :-

 

Successful Password Change

Successful Password Change

 

Thanks to Original Script :- http://www.warden.pl/docs/pass.phps

Hope this will helps you all, If you face any issue regarding the same or its not working for your some how then please raise your questions / issues at http://linuxforums.tejasbarot.com

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

Ask for Linux Commercial Support :- http://www.tejasbarot.com/linux-commercial-support/

All Linux User’s Blog Mobile Applications :- http://www.tejasbarot.com/download-mobile-apps/

Please Keep in Touch with Social Networking :- 

Facebook :- https://www.facebook.com/tejasbarot.official

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Twitter :- https://www.twitter.com/imtejasbarot

LinkedIn :- http://in.linkedin.com/in/imtejasbarot

Enjoy LDAP :) Enjoy Changing Passwords :) Enjoy Linux :) Enjoy Open Source

 

Content Protection by DMCA.com

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.


10 Comments »

 
  • Tejas Barot says:

    Hi Bob,

    It’s Working.

  • BobMarley says:

    Link’s working again now.

    Looks really good! If anyone wants to use SSHA, then that’s simple to do as well. Just change:


    $entry["userPassword"] = "{SHA}" . base64_encode( pack( "H*", sha1( $newPassword ) ) );

    to


    mt_srand((double)microtime()*1000000);

    $salt = pack("CCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand());

    $entry["userPassword"] = "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt)) . $salt);

    Just choose your salt with care ;-)

  • BobMarley says:

    Could you please post the script here? The link no longer works.

    Thanks :-)

  • Tejas Barot says:

    Hello,

    Which script you are talking about ? PHP ?

  • Chakri says:

    Hi Tejas,
    First of all thank you so much for your script. I am having difficulties using your script. Here is my issue. From the command line the ldapmodify works but when using your script it gives the “E200 – Your password cannot be change, please contact the administrator.”. Any advice?

    cat /tmp/new_mod.ldiff
    dn: cn=testuser,ou=Users,dc=example,dc=com
    changetype:modify
    replace:userPassword
    userPassword:12345

    ldapmodify -xx -H ‘ldap://ldapserver.example.com’ -D “cn=Manager,dc=example,dc=com” -w ‘xxxxxx’ -f /tmp/new_mod.ldif

    Thank you
    Chakri

  • rakesh says:

    i am configured samba pdc

    so all users are added by a script

    smbldap-useradd -a username
    smbldap-passwd username

    default all users have sha encryption password

    when i am trying to change password using you script i am getting error

    wrong user or
    E200 Your password cannot be change , Please contact the administrator

  • Tejas Barot says:

    IF User is not able to change password, Check for LDAP Attributes or we can say like ACL is given to user for changing password or not.

  • rakesh says:

    while changing password i am getting this eroor
    please help

    E200 – Your password cannot be change, please contact the administrator.

  • Tejas Barot says:

    Hello,

    Glad it worked for you.

  • Savitoj says:

    Great ! Thanks Mr. Tejas Barot it works fine for me…

    God Bless,

 

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


+ eight = 13