Le 16/08/10 19:07, Clément OUDOT a écrit : > Le 16 août 2010 18:56, Cédric Lemarchand > <[email protected]> a écrit : >> Le 16/08/10 18:39, Clément OUDOT a écrit : >>> I've done some modifications, can someone test with this new >>> function.inc.php file? >>> http://tools.lsc-project.org/projects/ltb/repository/revisions/129/entry/self-service-password/trunk/functions.inc.php >>> >>> Thanks, >>> >>> Clément. >> With this file version, it's seems to works fine. >> >> But I get this error when debug is enable, dont know if it's realy >> important : >> >> *Notice*: Undefined variable: adpassword in >> */usr/share/self-service-password-0-4/functions.inc.php* on line *188* >> > Hi, > > thanks for the feedback, I will correct the warning. > > The patched version will be available in next release. > > Clément.
Good news, thx Clément. I haven't test it yet, but does this patch solve the problem encounter with the "user" mode too ? (in opposition with the "manager" mode). I mean i would prefer SSP to not run with the administrator domain account, even more that the domain admin password is shown, unencrypted, in the config file. This is really scaring me in the way that AD is the master piece of all the authentication and security for the IT infrastructure, i wouldn't imagine even in my worst nightmare that the domain administrator accound was being compromised, means all servers are possibly too. The regular way (for me) would be that every user use his own ldap credentials to change his password. _______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
