Hi all.. I am facing problem in password changing of user. The user has to pass the old password and new paswd. Since I have enabled the pwdSafeModify in LDAP, my LDAP wil not allow to change without the old password. But php ldap_mod_replace and modify functions specify only new passwords. So anybody please tell me how can I pass both old and new passwords to LDAP.. Thanks in advance
I was also unable to find any implementation in PHP of the PASSMOD action described in RFC 3062. A standard mod_replace attempt fails, requesting that the user also supply the old password. Although PHP also has the Net::LDAP library through PEAR, I was unable to find the 'SetPassword' extension provided by the Net::LDAP library in perl. Thus, a simple perl script was pasted together: #!/usr/bin/perl # Requires: perl-ldap, perl-IO-Socket-SSL use Net::LDAP; use Net::LDAP::Extension::SetPassword; $host = shift; $dn = shift; $pw_old = shift; $pw_new = shift; $ldap = Net::LDAP->new($host); $result = $ldap->start_tls(); die "Error: ".$result->error()."\n" if $result->code(); $ldap->bind( $dn, password => $pw_old ); $result = $ldap->set_password( oldpasswd => $pw_old, newpasswd => $pw_new ); print $result->error(); Code (markup): Call this from PHP using exec(): $host = 'your ldap host'; $dn = 'full dn of user changing pass'; $result = exec("passmod.pl $host $dn $pw_old $pw_new"); Code (markup): If anyone has a true PHP implementation of this, please let me know.