<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr"> <head> <meta name="generator" content= "HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org" /> <title>Lemonldap::NG documentation: 4.7-LDAP-password-backend.html</title> <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" /> <style type="text/css"> /*<![CDATA[*/ body{ background: #ddd; font-family: sans-serif; font-size: 11pt; padding: 0 50px; } div.main-content{ padding: 10px; background: #fff; border: 2px #ccc solid; } a{ text-decoration: none; } p.footer{ text-align: center; margin: 5px 0 0 0; } .heading-1{ text-align: center; color: orange; font-variant: small-caps; font-size: 20pt; } .heading-1-1{ color: orange; font-size: 14pt; border-bottom: 2px #ccc solid; } pre{ background: #eee; border: 2px #ccc solid; padding: 5px; border-left: 10px #ccc solid; } ul.star li{ list-style-type: square; } /*]]>*/ </style> </head> <body> <div class="main-content"> <h2 class="heading-1"><span id="HLDAPPasswordbackend">LDAP Password backend</span></h2> <p class="paragraph"></p> <ul> <li><a href="#HPresentation">Presentation</a></li> <li><a href="#HConfiguration">Configuration</a></li> <li><a href="#HActiveDirectory">Active Directory</a></li> <li><a href="#HSeealso">See also</a></li> </ul> <h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3> <p class="paragraph"></p>LDAP is the default password backend. <p class="paragraph"></p>If password policy is used, the flag "pwdReset" is set to TRUE when the user reset his password by mail. <h3 class="heading-1-1"><span id= "HConfiguration">Configuration</span></h3> <p class="paragraph"></p>Set the password backend: <div class="code"> <pre> passwordDB => LDAP, </pre> </div><br /> <br /> If no password backend is configured, LDAP is choosen by default.<br /> <br /> Parameters are the same as <span class="wikilink"><a href= "4.5-LDAP-authentication-backend.html">LDAP authentication backend</a></span>.<br /> <br /> You can also set these: <ul class="star"> <li><strong class="strong">ldapPpolicyControl</strong>: set to '1' to use LDAP password policy.</li> <li><strong class="strong">ldapSetPassword</strong>: set to '1' to use the LDAP extended operation "password modify" instead of standard modify operation.</li> <li><strong class="strong">ldapChangePasswordAsUser</strong>: set to '1' to perfom password modification with credentials of connected user. This requires to active the <strong class= "strong">portalRequireOldPassword</strong> option too.</li> <li><strong class="strong">portalRequireOldPassword</strong>: set to '1' to require old password when changing the password.</li> <li><strong class="strong">mailLDAPFilter</strong>: filter to use with user submitted email. By default:</li> </ul> <div class="code"> <pre> (&(mail=$mail)(objectClass=inetOrgPerson)) </pre> </div> <h3 class="heading-1-1"><span id="HActiveDirectory">Active Directory</span></h3><br /> <br /> Just adapt the search filter: <div class="code"> <pre> mailLDAPFilter => '(&(mail=$mail)(objectClass=person))', </pre> </div> <h3 class="heading-1-1"><span id="HSeealso">See also</span></h3> <ul class="star"> <li><span class="wikilink"><a href= "4.5-LDAP-authentication-backend.html">Auth LDAP</a></span></li> <li><span class="wikilink"><a href="4.6-LDAP-user-backend.html">User DBLDAP</a></span></li> <li><span class="wikilink"><a href= "4.8-Configure-password-policy.html">Doc Ppolicy</a></span></li> </ul> </div> <p class="footer"><a href="index.html">Index</a></p> </body> </html>