Petros writes:
> Unrelated, I looked for a password changer myself yesterday, for a
> LDAP backend, and found
> http://www.symfony-project.org/plugins/upSimpleLdapPlugin
I wrote the below to deal with Windows Home users.
$ cat /var/www/pwreset.html
<!-- THIS DOES NOT EVEN TRY TO BE SECURE. DO NOT EXPOSE THIS TO MALICIOUS
NETWORKS. -->
<!-- THIS KLUDGE IS ONLY UNTIL DOMAIN LOGINS ARE ENABLED. IT IS NOT
PERMANENT. -->
<html><body><form action=/cgi-bin/pwreset method=post>
Username: <input name=u type=text /><br>
Old password: <input name=o type=password><br>
New password: <input name=n type=password><br>
<input type=submit>
</form></body></html>
$ cat /usr/lib/cgi-bin/pwreset
#!/bin/bash
# This is a CGI script that expects input on stdin (i.e. POST, not GET).
# THIS DOES NOT EVEN TRY TO BE SECURE. DO NOT EXPOSE THIS TO MALICIOUS
NETWORKS.
# THIS KLUDGE IS ONLY UNTIL DOMAIN LOGINS ARE ENABLED. IT IS NOT PERMANENT.
set -eEu
set -o pipefail
trap "echo PASSWORD NOT CHANGED" ERR
printf 'Content-Type: text/plain\n\n'
exec 2> >(logger -t pwreset)
d="$(cat)"
u="$(grep -Eo 'u=[^=&]+' <<<"$d" | cut -c3-)"
o="$(grep -Eo 'o=[^=&]+' <<<"$d" | cut -c3-)"
n="$(grep -Eo 'n=[^=&]+' <<<"$d" | cut -c3-)"
## This would only set the NIS schema, not the Samba schema, and thus is no
good.
#ldappasswd -D "uid=$u,ou=people,o=Frobozz" -w "$o" -s "$n"
## Therefore instead we set the password via samba.
smbpasswd -r piserver1 -U "$u" -s <<< "$o
$n
$n"
echo PASSWORD CHANGED
_______________________________________________
luv-main mailing list
[email protected]
http://lists.luv.asn.au/listinfo/luv-main
