There's got to be a FOSS web-based LDAP password reset app out there, right? [closed]
It seems like every shop that uses LDAP at some point has to cobble together something to let users reset their passwords without bothering the IT staff. The workflow almost always looks like:
- User gives username (jblow)
- Email jblow@company a link
- User clicks link, puts in a new password
On the backend, that corresponds to:
- Web form gets a username, stores (username, big unique string) in a DB, emails big unique string to username@company
- Other form has a click on https://site/pwreset/big unique string , uses that to authenticate the user, changes their password
Right? So, has someone written one of these that they share? I'd rather use one that's had a bit more thought put into it than the 10 minute job everyone seems to do.
I did a quick search of Sourceforge, Freshmeat etc and didn't find anything that wasn't abandoned.
We use horde for password changes, but not sure if it can fit the workflow you want.
This isn't the best documented project, but it has the advantage of being fairly simple PHP with a couple of installers for various linux flavors that get it up and running fast:
http://ltb-project.org/wiki/documentation/self-service-password/
If you are concerned about security, my recommendation is to use a more fully supported widely used package, since I don't know how well this project has been put through its paces.
phpLdapPasswd, but it is no longer being maintained.
ADSelfService Plus from ManageEngine is available in a free version. You'll have to check it out for yourself to determine the limitations of the free version to see if it fits your needs.