We went that route a few years back and have had good success. We
have the end-user log in to a site requiring a university password.
From there they can set their password in our departmental system
using our web form. The form code will create hashes of the password
and then encrypt those hashes with GnuPG. Another server then checks
for new password hash files, and decrypts and loads into LDAP. So,
not the smoothest system, but works well enough for us and is secure
enough for us. Since the university has their own password change
form, we do not have to deal with emailing links, etc. at all.
Someday we will simply tie into university ldap, but for now we run
On Thu, 7 Jul 2011, Rich Megginson wrote:
On 07/07/2011 12:36 PM, Kyller Costa Gorgônio wrote:
> I have setup my 389 directory server (in fact it's a centos-ds) and
> now I need to allow my users to change their passwordss. The problem
> is that most of my users do not have a shell script and/or I do not
> trust their clients.
> I need to provide some web page so that thay can do it. Does anyone
> has any sugestion?
> 389 users mailing list
389 users mailing list