Changing LDAP User’s Password Web-Based / 389-ds / Redhat-ds / Fedora-DS / LDAP


This article will show you how to change password of LDAP Users.

In This Article, I have demonstrated that How to change your Password for those users which are in 389-ds or Redhat-ds.

This is very simple you just need to change few parameters and You will able to change password of Ldap users from 389-ds.

Note :- If you have not Customized LDAP Attributes or Access Rights for Changing Password then it will work, I have Successfully tested the same on RHEL / CentOS 5.x / CentOS 6.x / RHEL 6.x and 389-ds.

Perform Following steps for the same.

Step 1:- Make Sure your LDAP Configured and You have correct Suffix ( i.e dc=tejasbarot,dc=com )

Step 2 :- Make Sure php-ldap Package is installed.

[root@tejas-barot-linux-support-ahmedabad ~]# yum install php-ldap

Step 3 :- Download the Following PHP Script, Thanks to the Original Script I have Modified Suffix for Understanding Purpose.

[root@tejas-barot-linux-support-ahmedabad ~]# wget -c

Steps 4:- Now Rename the Script from ldap_pass_change.phps to ldap_pass_change.php

Step 5 :- Now Modify the Suffix in .php file, Open PHP File and Modify 3rd Line which Contains $dn

Change $dn 
$dn = "dc=tejasbarot,dc=com"
$dn = "dc=your,dc=suffix"
Save and Exit from File

Step 6:- Put this Script to your WebRoot Directory (i.e. /var/www/html/ )

Step 7:- Make Sure That PHP Script is executable by your Webserver through URL (i.e. or http://localhost/ldap_pass_change.php or )

You will able to see Following Screen :-

LDAP Change Password

LDAP Change Password


Step 6:- Now Put Values Like Below Screen Shot :-


Fill the Text Boxes

Fill the Text Boxes


Step 7 :- Once Password get changed, You will get a Notifications like below :-


Successful Password Change

Successful Password Change


Thanks to Original Script :-

Hope this will helps you all, If you face any issue regarding the same or its not working for your some how then please raise your questions / issues then comment down below.

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

All Linux User’s Blog Mobile Applications :-

Please Keep in Touch with Social Networking :- 

Facebook Page :-

Enjoy LDAP 🙂 Enjoy Changing Passwords 🙂 Enjoy Linux 🙂 Enjoy Open Source


Content Protection by

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.



  • Tejas Barot says:

    Hi Bob,

    It’s Working.

  • BobMarley says:

    Link’s working again now.

    Looks really good! If anyone wants to use SSHA, then that’s simple to do as well. Just change:

    $entry["userPassword"] = "{SHA}" . base64_encode( pack( "H*", sha1( $newPassword ) ) );



    $salt = pack("CCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand());

    $entry["userPassword"] = "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt)) . $salt);

    Just choose your salt with care 😉

  • BobMarley says:

    Could you please post the script here? The link no longer works.

    Thanks 🙂

  • Tejas Barot says:


    Which script you are talking about ? PHP ?

  • Chakri says:

    Hi Tejas,
    First of all thank you so much for your script. I am having difficulties using your script. Here is my issue. From the command line the ldapmodify works but when using your script it gives the “E200 – Your password cannot be change, please contact the administrator.”. Any advice?

    cat /tmp/new_mod.ldiff
    dn: cn=testuser,ou=Users,dc=example,dc=com

    ldapmodify -xx -H ‘ldap://’ -D “cn=Manager,dc=example,dc=com” -w ‘xxxxxx’ -f /tmp/new_mod.ldif

    Thank you

  • rakesh says:

    i am configured samba pdc

    so all users are added by a script

    smbldap-useradd -a username
    smbldap-passwd username

    default all users have sha encryption password

    when i am trying to change password using you script i am getting error

    wrong user or
    E200 Your password cannot be change , Please contact the administrator

  • Tejas Barot says:

    IF User is not able to change password, Check for LDAP Attributes or we can say like ACL is given to user for changing password or not.

  • rakesh says:

    while changing password i am getting this eroor
    please help

    E200 – Your password cannot be change, please contact the administrator.

  • Tejas Barot says:


    Glad it worked for you.

  • Savitoj says:

    Great ! Thanks Mr. Tejas Barot it works fine for me…

    God Bless,


Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Are you Human ? * Time limit is exhausted. Please reload CAPTCHA.