I'm trying to change user LDAP passwords.

Here's the code:

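// Connect and switch to LDAPv3 before binding
$ds = ldap_connect(LDAP_HOST, LDAP_PORT);
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
// Bind as the directory administrator and stop if the bind fails
$bind = ldap_bind($ds, 'uid={admin},'.LDAP_BASEDN, '{admin password}');
if (!$bind) { die('Bind failed: ' . ldap_error($ds)); }
// Build an {SHA} userPassword value: base64 of the raw SHA-1 digest
$userpassword = "{SHA}" . base64_encode(sha1('{password}', TRUE));
$userdata = array("userPassword" => $userpassword);
// Replace the attribute on the user's entry
$result = ldap_mod_replace($ds, 'uid={user},'.LDAP_BASEDN, $userdata);
ldap_close($ds);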

$result returns true.
I can even see the userpassword field change when I view the entry.

But when I try to bind again using the new password it doesn't work, and the old password still works.

Running Mac server 10.4.

All 2 Replies

diafol

ldap_mod_replace: see the comments on the PHP page: http://www.php.net/manual/en/function.ldap-mod-replace.php

Using this function to 'replace' an Active Directory password requires the "Reset Password" security permission as opposed to the "Change Password" permission (which is assigned by default to SELF).
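
The symptom in the question (the modify returns true, yet only the old password binds) can be checked in code rather than by eye. The following is an added example, not code from the thread or from either poster: it writes a salted {SSHA} value in place of the unsalted {SHA} one, then tests the new and old passwords on fresh connections. The function names, the URI and the DNs passed in are assumptions for illustration.

```php
<?php
// Added example; the URI, DNs and function names are illustrative assumptions.

// Salted {SSHA} value: base64(SHA1(password . salt) . salt).
function make_ssha(string $password, ?string $salt = null): string {
    $salt = $salt ?? random_bytes(8);
    return '{SSHA}' . base64_encode(sha1($password . $salt, true) . $salt);
}

// Check a password against a stored {SHA} or {SSHA} userPassword value.
function check_userpassword(string $password, string $stored): bool {
    if (!preg_match('/^\{(SHA|SSHA)\}(.+)$/i', $stored, $m)) return false;
    $raw = base64_decode($m[2], true);
    if ($raw === false || strlen($raw) < 20) return false;
    // First 20 bytes are the SHA-1 digest; the rest is the salt (empty for {SHA}).
    return hash_equals(substr($raw, 0, 20), sha1($password . substr($raw, 20), true));
}

// Bind on a fresh connection so the admin session is never reused.
function can_bind(string $uri, string $dn, string $password): bool {
    if ($password === '') return false; // empty password would be an unauthenticated bind
    $c = ldap_connect($uri);
    ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3);
    $ok = @ldap_bind($c, $dn, $password);
    ldap_unbind($c);
    return $ok;
}

// Replace userPassword, then report whether the new and old passwords bind.
function change_and_verify(string $uri, string $adminDn, string $adminPw,
                           string $userDn, string $oldPw, string $newPw): array {
    $ds = ldap_connect($uri); // e.g. an ldaps:// URI so passwords are not sent in clear
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    if (!@ldap_bind($ds, $adminDn, $adminPw)) {
        throw new RuntimeException('admin bind failed: ' . ldap_error($ds));
    }
    $modified = ldap_mod_replace($ds, $userDn, ['userPassword' => make_ssha($newPw)]);
    ldap_unbind($ds);
    return ['modified' => $modified,
            'new_binds' => can_bind($uri, $userDn, $newPw),
            'old_still_binds' => can_bind($uri, $userDn, $oldPw)];
}

// Offline self-check on constructed sample values (no directory needed).
$stored = make_ssha('constructed-sample-pw');
var_dump(check_userpassword('constructed-sample-pw', $stored),
         check_userpassword('wrong-guess', $stored));
```

A result with modified true, new_binds false and old_still_binds true reproduces the situation in the question and indicates that the server is not authenticating binds against the value just written.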
