Sick of using ldappasswd to reset a users password?

Stick this in your cgi-bin dir and you'll never type it again!

Main Script

#!/usr/bin/perl
###########################################
#                                         #
# Gavin Henry                             #
# 0.1 - 26.08.05                          #
# 0.2 - 05.01.06                          # 
#                                         #
# Web page to Change Samba LDAP Passwords #
#                                         #
# Licence: GPL                            #
#                                         #
# See /etc/changepass.conf for settings   #
#                                         #
# TODO: Start_TLS/LDAPS                   #
#                                         #
###########################################

use strict;

# Create a config and open configurartion file
use Config::Tiny;
my $Config = Config::Tiny->new();
$Config = Config::Tiny->read('/etc/changepass.conf')
  or die "Cannot open config file $!";

# HTML Settings #####################################
my $title   = $Config->{html}->{title};             #
my $heading = $Config->{html}->{heading};           #
my $css     = $Config->{html}->{css};               #
#####################################################

# LDAP Settings #####################################
my $passlength = $Config->{ldap}->{passlength};     #
my $hostname   = $Config->{ldap}->{hostname};       #
my $adminbind  = $Config->{ldap}->{rootdn};         #
my $userbind   = $Config->{ldap}->{userbind};       #
#####################################################

# Create form etc.
use CGI qw/:standard/;
print header,
  start_html(
    -title => "$title",
    -style => { -src => "$css" }
  ),
  h1("$heading"), start_form, br, "Username to change:",
  textfield( -name => 'name', ), br, "Admin Password:",
  password_field(
    -name      => 'adminpasswd',
    -size      => 15,
    -maxlength => 15,
  ),
  br, "New Password:",
  password_field(
    -name      => 'newpasswd',
    -size      => 15,
    -maxlength => 15
  ),
  br, "Verify Password:",
  password_field(
    -name      => 'verify_passwd',
    -size      => 15,
    -maxlength => 15
  ),
  br, submit, end_form, hr;

#Begin tests
if ( param() ) {
    my $name          = param('name');
    my $adminpasswd   = param('adminpasswd');
    my $newpasswd     = param('newpasswd');
    my $verify_passwd = param('verify_passwd');

    if ( $name eq '' ) {
        print "Must have a username!!\n";
        hr;
    }
    elsif ( $newpasswd eq '' ) {
        print "Must have a new password!\n";
        hr;
    }
    elsif ( $adminpasswd eq '' ) {
        print "Must have the Admin password!\n";
        hr;
    }
    elsif ( length $newpasswd < $passlength ) {
        print "The password must be more than or equal to $passlength 
+characters, but no more than 15.\n";
        hr;
    }
    elsif ( $newpasswd ne $verify_passwd ) {
        print "Sorry, the passwords do not match!\n";
        hr;
    }
    elsif ( $newpasswd eq $verify_passwd ) {
        print "Changing password now.....", p;
        hr;

        # Begin LDAP Stuff
        use Net::LDAP;
        use Net::LDAP::Extension::SetPassword;

        my $ldap = Net::LDAP->new("$hostname")
          or die "Host not found: $!";

        $ldap->bind( "$adminbind", password => "$adminpasswd" );

        # Carry on with changing passwords here
        hr;
        my $mesg = $ldap->set_password(
            newpasswd => "$newpasswd",
            user      => "uid=$name,$userbind"
        );

        die "error: ", $mesg->code(), ": ", $mesg->error() if ( $mesg-
+>code() );

        print "Password changed.", p;
        hr;
    }
    else {
        print "Situation unexpected, please contact Gavin!\n";
    }
}

__END__

=head1 NAME

changepass - a perl cgi script for changing LDAP Passwords

=head1 SYNOPSIS

Install Net::LDAP and Net::LDAP::Extension::SetPassword and
stick in cgi-bin, after editing /etc/changepass.conf

=head1 DESCRIPTION

Changing passwords stored in an OpenLDAP directory via ldappasswd
is a pain, so I created this simple page.

=head1 SEE ALSO

Net::LDAP, Net::LDAP::Extension::SetPassword

=head1 VERSION

This man page documents changepass version 0.1

=head1 CREDITS

The people who have worked on Net::LDAP and CGI

=head1 AUTHOR

Gavin Henry
email: ghenry at perl dot me dot uk
web  : http://www.perl.me.uk
PM   : http://aberdeen.pm.org

=head1 COPYRIGHT

Copyright (c) 2005 by Gavin Henry

=head1 LICENSE

This package is free software; you can redistribute it and/or modify i
+t
under the terms of the "GNU General Public License".

Please refer to the file "COPYING" for details.

=head1 DISCLAIMER

This package is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

See the "GNU General Public License" for more details.

[download]

Config file

###########################################
#                                         #
# Gavin Henry 25.08.05                    #
#                                         #
# Web page to Change Samba LDAP Passwords #
#                                         #
# Licence: GPL                            #
#                                         #
# /etc/changepw.conf for settings         #
#                                         #
###########################################

# Tips:
#
# Don't put any spaces either side of the equals
# sign. 
# 
# Well you can really in front of it, but
# not after it ;-)


# Set a few html things
[html]
title=Change Password
heading=Change Password
css=/passwd.css

# ldap stuff
[ldap]
passlength=6
hostname=ldap.yourhost.org
rootdn=cn=Manager,dc=yourhost,dc=org
userbind=ou=People,dc=yourhost,dc=org

[download]
I hope this helps someone out.

Walking the road to enlightenment... I found a penguin and a camel on the way.....
Fancy a yourname@perl.me.uk? Just ask!!!

In reply to Change your LDAP password by ghenry

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.