I'll admit up front that comparatively speaking, this is a tiny, tiny, tiny little environment, only a few hundred users in the directory service.
We have a 60 day password expiration requirement. Users range from nerdy infrastructure types to Windows developers to business users.
Is anybody using an httpd (Apache2) based self-service password reset tool?
I've been looking at the LTB self-service password reset application(http://ltb-project.org/wiki/documentation/self-service-password/latest/start). I can probably get it to work for me, but I'm also looking at some fairly non-trivial modifications, I suspect.
Jeff Kalchik Systems Engineering Land O'Lakes This message may contain confidential material from Land O'Lakes, Inc. (or its subsidiary) for the sole use of the intended recipient(s) and may not be reviewed, disclosed, copied, distributed or used by anyone other than the intended recipient(s). If you are not the intended recipient, please contact the sender by reply email and delete all copies of this message.
I am not sure if it will fit your needs but we have used PWM with good results.
https://github.com/pwm-project/pwm
----- Original Message -----
From: "Jeffery Kalchik" JDKalchik@landolakes.com To: "General discussion list for the 389 Directory server project." 389-users@lists.fedoraproject.org Sent: Tuesday, October 18, 2016 8:01:00 AM Subject: [389-users] Self-service password reset?
I’ll admit up front that comparatively speaking, this is a tiny, tiny, tiny little environment, only a few hundred users in the directory service.
We have a 60 day password expiration requirement. Users range from nerdy infrastructure types to Windows developers to business users.
Is anybody using an httpd (Apache2) based self-service password reset tool?
I’ve been looking at the LTB self-service password reset application(http://ltb-project.org/wiki/documentation/self-service-password/latest/start). I can probably get it to work for me, but I’m also looking at some fairly non-trivial modifications, I suspect.
Jeff Kalchik
Systems Engineering
Land O’Lakes This message may contain confidential material from Land O'Lakes, Inc. (or its subsidiary) for the sole use of the intended recipient(s) and may not be reviewed, disclosed, copied, distributed or used by anyone other than the intended recipient(s). If you are not the intended recipient, please contact the sender by reply email and delete all copies of this message. _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
I’d looked at pwm some time ago, don’t recall why I didn’t pursue it any further. I’ve pulled a current copy, but seem to be stuck at the PWM administrators group entry in the configuration screens (never returns any entries.) The search string appears to be something like:
filter="(groupmembership=cn=Directory Administrators,ou=testou,dc=example,dc=com)"
I’m not familiar with the groupmembership attribute in the filter. I have added groupmembership to the memberofattr in the memberOf plugin (yes, I did restart this daemon,) without any change in behavior.
However….. this really isn’t germane to 389-ds, but more towards PWM. I’ll take this over there, unless anybody else has an interest in continuing (and the list moderators are good with that.
Jeff From: Patrick Landry [mailto:patrick.landry@louisiana.edu] Sent: Tuesday, October 18, 2016 9:28 AM To: General discussion list for the 389 Directory server project. 389-users@lists.fedoraproject.org Subject: [389-users] Re: Self-service password reset?
I am not sure if it will fit your needs but we have used PWM with good results.
https://github.com/pwm-project/pwm
________________________________ From: "Jeffery Kalchik" <JDKalchik@landolakes.commailto:JDKalchik@landolakes.com> To: "General discussion list for the 389 Directory server project." <389-users@lists.fedoraproject.orgmailto:389-users@lists.fedoraproject.org> Sent: Tuesday, October 18, 2016 8:01:00 AM Subject: [389-users] Self-service password reset?
I’ll admit up front that comparatively speaking, this is a tiny, tiny, tiny little environment, only a few hundred users in the directory service.
We have a 60 day password expiration requirement. Users range from nerdy infrastructure types to Windows developers to business users.
Is anybody using an httpd (Apache2) based self-service password reset tool?
I’ve been looking at the LTB self-service password reset application(http://ltb-project.org/wiki/documentation/self-service-password/latest/start). I can probably get it to work for me, but I’m also looking at some fairly non-trivial modifications, I suspect.
Jeff Kalchik Systems Engineering Land O’Lakes This message may contain confidential material from Land O'Lakes, Inc. (or its subsidiary) for the sole use of the intended recipient(s) and may not be reviewed, disclosed, copied, distributed or used by anyone other than the intended recipient(s). If you are not the intended recipient, please contact the sender by reply email and delete all copies of this message. _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.orgmailto:389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.orgmailto:389-users-leave@lists.fedoraproject.org
--
[cid:image001.jpg@01D229E4.5B95C530]
Patrick Landry Director, UCSS University of Louisiana at Lafayette pml@louisiana.edumailto:pml@louisiana.edu
This message may contain confidential material from Land O'Lakes, Inc. (or its subsidiary) for the sole use of the intended recipient(s) and may not be reviewed, disclosed, copied, distributed or used by anyone other than the intended recipient(s). If you are not the intended recipient, please contact the sender by reply email and delete all copies of this message.
Hello
We've used both PWM and LTB self-service password reset. Both are good.
LTB is in php, simple and working and very easy to customize. PWM is in Java, feature rich and much more than just a self-service.
Choosing a suitable one is defined by your needs. In many projects I prefer LTB.
Hope it helps Cheers
389-users@lists.fedoraproject.org