LDAP to change user password

neobie · Jan 27, 2011 · Viewed 74.6k times

As far as I know, in PHP we need to connect to LDAP over SSL in order to change a user's password.

Is there another way, e.g. another language (Java / ASP), to change an LDAP password without requiring SSL?

Thanks.

Update: I get "Warning: ldap_mod_replace() [function.ldap-mod-replace]: Modify: Insufficient access" when I try to modify my own account's password. If I try to change another user's password, I get no error message, but the password still sticks to the old one.

Answer

xelco52 · Jan 27, 2011

Many LDAP implementations do indeed require SSL or TLS in order to change/set passwords. This is a requirement set by the LDAP server, not the language used to access it. Changing languages will not permit you to override this particular server requirement.

I understand that there are extenuating circumstances where you may not be able to establish an SSL/TLS connection, but in general, you absolutely want to be encrypting password functions like this - even if the server doesn't require it.

Edit: I bet the answer can be found in the slapd logs. Also worth reviewing the ACLs: OpenLDAP Software 2.4 Administrator's Guide, Section 8. Access Control.
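The following PHP sketch is an added example, not code from the question or the answer. It changes the bound user's own password over StartTLS and reports separately whether the server refused for lack of encryption or because an ACL denied the write. The host, DN and passwords are placeholders, and it assumes PHP 7.2+ and a server that supports the RFC 3062 Password Modify operation.

```php
<?php
// Added example: the host, DN and passwords below are placeholders.
const LDAP_URI = 'ldap://ldap.example.org:389';

// RFC 4511 result codes for the two failure modes discussed on this page.
const RC_CONFIDENTIALITY_REQUIRED = 13; // server insists on TLS/SSL
const RC_INSUFFICIENT_ACCESS      = 50; // an ACL denies the write

function explainFailure(int $code, string $diag): string
{
    switch ($code) {
        case RC_CONFIDENTIALITY_REQUIRED:
            return "Server requires an encrypted connection: $diag";
        case RC_INSUFFICIENT_ACCESS:
            return "ACL denies this bind DN write access to the password: $diag";
        default:
            return "LDAP error $code (" . ldap_err2str($code) . "): $diag";
    }
}

function changeOwnPassword(string $dn, string $old, string $new): void
{
    // Verify the server certificate; this must be set before connecting.
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);
    $conn = ldap_connect(LDAP_URI);
    if ($conn === false) {
        throw new RuntimeException('Invalid LDAP URI');
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3); // StartTLS needs v3
    // Upgrade to TLS before any credential is sent; no cleartext fallback.
    if (!@ldap_start_tls($conn)) {
        throw new RuntimeException('StartTLS failed: ' . ldap_error($conn));
    }
    if (!@ldap_bind($conn, $dn, $old)) {
        throw new RuntimeException('Bind failed: ' . ldap_error($conn));
    }
    // RFC 3062 Password Modify: the server hashes the new value itself.
    if (@ldap_exop_passwd($conn, $dn, $old, $new) === false) {
        ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $diag);
        throw new RuntimeException(explainFailure(ldap_errno($conn), (string) $diag));
    }
    ldap_unbind($conn);
}

try {
    changeOwnPassword('uid=jdoe,ou=people,dc=example,dc=org', 'old-secret', 'new-secret');
    echo "Password changed\n";
} catch (RuntimeException $e) {
    fwrite(STDERR, $e->getMessage() . "\n");
    exit(1);
}
```

If the script reports result code 50 for a self-service change, the cause is on the server side (its access control rules), not in the client language or the transport.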