847-505-9933 | +91 20 66446300 info@datametica.com

Change LDAP password using php script

Hey Guys,

Hope you all are doing well :)

Today I would like to share how to change LDAP password using simple web interface (php). We are using openldap configured on linux server and I wanted to make simple web interface to change openldap password, below are the scripts and procedure how did I achieve it.

 

1. Create a shell script to change ldap password and test it for some user.

 

E.g. – This is my shell script.

Please note that, values marked with red colour need to be replaced with your ldap configuration settings.

#!/bin/bash
#Script developed by – Kuldeep Kulkarni

if [ $# -ne 3 ] then
echo “Invalid number of arguments!”
exit 10;
fi

ldappasswd -x -D “Admin account username(e.g. Manager)”,dc=your-domain,dc=com” “uid=$1,ou=people,dc=your-domain,dc=com”-a $2 -s $3 -wyour ldap password for admin user

pass_change_status=$?

if [ $pass_change_status -eq 0 ] then
echo “0”;
else
echo  “Found error while resetting your password! Please contact Admin team.”;
fi

 

2. Save above script as /var/www/html/change_ldap_pass.sh on your openldap server (assuming here that you have httpd pkg installed on your linux machine)

 

3. Create /var/www/html/index.php script with below contents on your openldap server 

 

############Start of the Script##############

<?php
$message=””;
function changePassword($username, $old_password, $new_password)
{
$return_message=exec(“sh change_ldap_pass.sh $username $old_password $new_password”);
if($return_message==”0″)
{
echo “Your password has been Changed!”;
}
else
{
echo “Error while changing password : $return_message”;
}

}

?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml” xml:lang=”en” lang=”en”>
<head>
<title>Password Change Page</title>
<style type=”text/css”>
body { font-family: Verdana,Arial,Courier New; font-size: 0.7em; }
th { text-align: right; padding: 0.8em; }
#container { text-align: center; width: 500px; margin: 5% auto; }
.msg_yes { margin: 0 auto; text-align: center; color: green; background: #D4EAD4; border: 1px solid green; border-radius: 10px; margin: 2px; }
.msg_no { margin: 0 auto; text-align: center; color: red; background: #FFF0F0; border: 1px solid red; border-radius: 10px; margin: 2px; }
</style>
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″/>
</head>
<body>
<div id=”container”>
<h2>Password Change Page</h2>
<p>Your new password must be 8 characters long or longer and have at least:<br/>
one capital letter, one lowercase letter, &amp; one number.<br/>
You must use a new password, your current password<br/>can not be the same as your new password.</p>
<?php
if (isset($_POST[“submitted”])) {
changePassword($_POST[‘username’],$_POST[‘oldPassword’],$_POST[‘newPassword1′],$_POST[‘newPassword2′]);
}
?>
<form action=”<?php print $_SERVER[‘PHP_SELF’]; ?>” name=”passwordChange” method=”post”>
<table style=”width: 400px; margin: 0 auto;”>
<tr><th>Username:</th><td><input name=”username” type=”text” size=”20px” autocomplete=”off” /></td></tr>
<tr><th>Current password:</th><td><input name=”oldPassword” size=”20px” type=”password” /></td></tr>
<tr><th>New password:</th><td><input name=”newPassword1″ size=”20px” type=”password” /></td></tr>
<tr><th>New password (again):</th><td><input name=”newPassword2″ size=”20px” type=”password” /></td></tr>
<tr><td colspan=”2″ style=”text-align: center;” >
<input name=”submitted” type=”submit” value=”Change Password”/>
<button onclick=”$(‘frm’).action=’changepassword.php';$(‘frm’).submit();”>Cancel</button>
</td></tr>
</table>
</form>
</div>
</body>
</html>

############End of the Script##############

 

4. Hit $IP_address_of_openldap_server or $openldap_server_name/index.php in your browser and it should work!

 

 

blogs Kuldeep

 

 

5. Feel free to comment if you face any issues  :-)

 

Blog post by:
Kuldeep Kulkarni

Leave a Comment

POST COMMENT Back to Top
*
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.