Hey Guys,
Hope you all are doing well :)
Today I would like to share how to change LDAP password using simple web interface (php). We are using openldap configured on linux server and I wanted to make simple web interface to change openldap password, below are the scripts and procedure how did I achieve it.
E.g. - This is my shell script.
Please note that, values marked with red colour need to be replaced with your ldap configuration settings.
############Start of the Script##############
#!/bin/bash
#Script developed by - Kuldeep Kulkarni
if [ $# -ne 3 ]
then
echo "Invalid number of arguments!"
exit 10;
fi
ldappasswd -x -D "cn="Admin account username(e.g. Manager)",dc=your-domain,dc=com" "uid=$1,ou=people,dc=your-domain,dc=com" -a $2 -s $3 -w "your ldap password for admin user"
pass_change_status=$?
if [ $pass_change_status -eq 0 ]
then
echo "0";
else
echo "Found error while resetting your password! Please contact Admin team.";
fi
############End of the Script##############
############Start of the Script##############
<?php
$message="";
function changePassword($username, $old_password, $new_password)
{
$return_message=exec("sh change_ldap_pass.sh $username $old_password $new_password");
if($return_message=="0")
{
echo "Your password has been Changed!";
}
else
{
echo "Error while changing password : $return_message";
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Password Change Page</title>
<style type="text/css">
body { font-family: Verdana,Arial,Courier New; font-size: 0.7em; }
th { text-align: right; padding: 0.8em; }
#container { text-align: center; width: 500px; margin: 5% auto; }
.msg_yes { margin: 0 auto; text-align: center; color: green; background: #D4EAD4; border: 1px solid green; border-radius: 10px; margin: 2px; }
.msg_no { margin: 0 auto; text-align: center; color: red; background: #FFF0F0; border: 1px solid red; border-radius: 10px; margin: 2px; }
</style>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
</head>
<body>
<div id="container">
<h2>Password Change Page</h2>
<p>Your new password must be 8 characters long or longer and have at least:<br/>
one capital letter, one lowercase letter, & one number.<br/>
You must use a new password, your current password<br/>can not be the same as your new password.</p>
<?php
if (isset($_POST["submitted"])) {
changePassword($_POST['username'],$_POST['oldPassword'],$_POST['newPassword1'],$_POST['newPassword2']);
}
?>
<form action="<?php print $_SERVER['PHP_SELF']; ?>" name="passwordChange" method="post">
<table style="width: 400px; margin: 0 auto;">
<tr><th>Username:</th><td><input name="username" type="text" size="20px" autocomplete="off" /></td></tr>
<tr><th>Current password:</th><td><input name="oldPassword" size="20px" type="password" /></td></tr>
<tr><th>New password:</th><td><input name="newPassword1" size="20px" type="password" /></td></tr>
<tr><th>New password (again):</th><td><input name="newPassword2" size="20px" type="password" /></td></tr>
<tr><td colspan="2" style="text-align: center;" >
<input name="submitted" type="submit" value="Change Password"/>
<button onclick="$('frm').action='changepassword.php';$('frm').submit();">Cancel</button>
</td></tr>
</table>
</form>
</div>
</body>
</html>
############End of the Script##############
-Kuldeep Kulkarni
kuldeepkulkarni09@gmail.com
Hope you all are doing well :)
Today I would like to share how to change LDAP password using simple web interface (php). We are using openldap configured on linux server and I wanted to make simple web interface to change openldap password, below are the scripts and procedure how did I achieve it.
1. Create a shell script to change ldap password and test it for some user.
E.g. - This is my shell script.
Please note that, values marked with red colour need to be replaced with your ldap configuration settings.
############Start of the Script##############
#!/bin/bash
#Script developed by - Kuldeep Kulkarni
if [ $# -ne 3 ]
then
echo "Invalid number of arguments!"
exit 10;
fi
ldappasswd -x -D "cn="Admin account username(e.g. Manager)",dc=your-domain,dc=com" "uid=$1,ou=people,dc=your-domain,dc=com" -a $2 -s $3 -w "your ldap password for admin user"
pass_change_status=$?
if [ $pass_change_status -eq 0 ]
then
echo "0";
else
echo "Found error while resetting your password! Please contact Admin team.";
fi
############End of the Script##############
2. Save above script as /var/www/html/change_ldap_pass.sh on your openldap server (assuming here that you have httpd pkg installed on your linux machine )
3. Create /var/www/html/index.php script with below contents on your openldap server
############Start of the Script##############
<?php
$message="";
function changePassword($username, $old_password, $new_password)
{
$return_message=exec("sh change_ldap_pass.sh $username $old_password $new_password");
if($return_message=="0")
{
echo "Your password has been Changed!";
}
else
{
echo "Error while changing password : $return_message";
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Password Change Page</title>
<style type="text/css">
body { font-family: Verdana,Arial,Courier New; font-size: 0.7em; }
th { text-align: right; padding: 0.8em; }
#container { text-align: center; width: 500px; margin: 5% auto; }
.msg_yes { margin: 0 auto; text-align: center; color: green; background: #D4EAD4; border: 1px solid green; border-radius: 10px; margin: 2px; }
.msg_no { margin: 0 auto; text-align: center; color: red; background: #FFF0F0; border: 1px solid red; border-radius: 10px; margin: 2px; }
</style>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
</head>
<body>
<div id="container">
<h2>Password Change Page</h2>
<p>Your new password must be 8 characters long or longer and have at least:<br/>
one capital letter, one lowercase letter, & one number.<br/>
You must use a new password, your current password<br/>can not be the same as your new password.</p>
<?php
if (isset($_POST["submitted"])) {
changePassword($_POST['username'],$_POST['oldPassword'],$_POST['newPassword1'],$_POST['newPassword2']);
}
?>
<form action="<?php print $_SERVER['PHP_SELF']; ?>" name="passwordChange" method="post">
<table style="width: 400px; margin: 0 auto;">
<tr><th>Username:</th><td><input name="username" type="text" size="20px" autocomplete="off" /></td></tr>
<tr><th>Current password:</th><td><input name="oldPassword" size="20px" type="password" /></td></tr>
<tr><th>New password:</th><td><input name="newPassword1" size="20px" type="password" /></td></tr>
<tr><th>New password (again):</th><td><input name="newPassword2" size="20px" type="password" /></td></tr>
<tr><td colspan="2" style="text-align: center;" >
<input name="submitted" type="submit" value="Change Password"/>
<button onclick="$('frm').action='changepassword.php';$('frm').submit();">Cancel</button>
</td></tr>
</table>
</form>
</div>
</body>
</html>
############End of the Script##############
4. Hit $IP_address_of_openldap_server or $openldap_server_name/index.php in your browser and it should work!
5. Feel free to comment if you face any issues :)
-Kuldeep Kulkarni
kuldeepkulkarni09@gmail.com