Re: changing userPassword from custom application

[Zdenek Styblik <stybla@turnovfree.net>]

Howard Chu wrote:
> Zdenek Styblik wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hello,
>>
>> let's open up old wounds. Ok, it sounds jerky, but I don't mean it.
>>
>> Anyway. As the subject suggests, my question is how to code application
>> which allows user to change his password. Or better to ask, if there is
>> some [to me] unknown LDAP function which figures out what password
>> encryption [hash] is used and generates new hash of password, if
>> application should have idea at all what kind of password encryption is
>> used.
>> I think this is just impossible. Login is one thing, changing password
>> is another.
> 
> That's what ldappasswd is for. And no, the application should never have
> any idea what encryption a server uses. That's purely a server-internal
> issue.
> 

Then there should be API or mechanisms which do allow such behavior. If
you mean calling % ldappasswd; as an external script, then it is %
slappasswd; all over again. Such option is always the last one.
But, this is just my opinion and I'm perfectly fine if you don't agree :)

Zdenek

-- 
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla@turnovfree.net
jabber: stybla@jabber.turnovfree.net