[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: password change and ppolicy

On Friday 12 June 2009 16:31:50 Gustavo Mendes de Carvalho wrote:
> Hi Tizo,
> Suposed that your users has to login in some linux/Unix machine using their
> LDAP accounts, I sugest you to create some binary or script to allow your
> users to change their passwords invoking ldappasswd command.
> I mean, you can create a C program or shell script or even a PHP page,

Since PHP doesn't support LDAP controls, PHP is a bad choice for this.

> to
> validate some weaks in their passwords, like min length, capital letters,
> numbers, and so on.

The best place to implement the password policy is on the LDAP server, since 
it is more flexible (multiple policies) and applies to all applications 
changing passwords.

I use the attached perl script as a CGI (to allow users to check and change 
their password).


Attachment: ldap-password.pl
Description: Perl program