Thank you very much,
Sounds perfect to me.

I am however still running into a problem.
I tried changing the password using MD5

$coded = array('userpassword' => "{MD5}" . base64_encode( pack( "H*", md5( 
$newpassword ) ) ) );

And using CLEAR

$coded = array('userpassword' => "{CLEAR}$newpassword");

But both resulted into my user not being able to login in anymore.
What kind of input does freeipa expect for userpassword?

Kind Regards,

Mark Hannessen

On Tuesday 11 August 2009 04:26:28 pm Rob Crittenden wrote:
> Mark Hannessen wrote:
> > Hi List,
> >
> > Does anyone know if it is possible to change the password of a use from
> > an web application other then FreeIPA itself?
> >
> > In some of the web apps we have we want to integrate the ability for
> > users to change their password. But since FreeIPA uses kerberos as well,
> > i am not sure how safe it would be to do this directly through LDAP.
> >
> > Does anyone have any hints on how to best approach this?
> Whenever a password is changed we update all passwords (LDAP, kerberos,
> etc). So you can do a password change over LDAP and this will also
> update the kerberos key.
> If you change another user's password (e.g. admin reset) then that user
> will need to change their password on the first kinit. You can change
> your own password without requiring a reset.
> rob

Freeipa-users mailing list

Reply via email to