Howard Chu wrote: > Zdenek Styblik wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hello, >> >> let's open up old wounds. Ok, it sounds jerky, but I don't mean it. >> >> Anyway. As the subject suggests, my question is how to code application >> which allows user to change his password. Or better to ask, if there is >> some [to me] unknown LDAP function which figures out what password >> encryption [hash] is used and generates new hash of password, if >> application should have idea at all what kind of password encryption is >> used. >> I think this is just impossible. Login is one thing, changing password >> is another. > > That's what ldappasswd is for. And no, the application should never have > any idea what encryption a server uses. That's purely a server-internal > issue. >
Then there should be API or mechanisms which do allow such behavior. If you mean calling % ldappasswd; as an external script, then it is % slappasswd; all over again. Such option is always the last one. But, this is just my opinion and I'm perfectly fine if you don't agree :) Zdenek -- Zdenek Styblik Net/Linux admin OS TurnovFree.net email: [email protected] jabber: [email protected]
