Geert Jansen wrote: > > Forget about using LDAP to change a user's password. It can be done but > it requires 128-bit SSL and so you need to set up certificate services > and distribute the CA certificate to your client. An easier way is to > use the Kerberos Set Password protocol (RFC3244). MIT Kerberos 1.3 and > later support this protocol. Unfortunately there is no command-line > interface to this call so you need to create a Python extension module > for wrapping this call. > > My (in progress) project FreeADI contains a wrapper for the Set Password > call. See the file "/trunk/freeadi/core/_krb5.c" on my Trac page at > freeadi.org. The code is available under the liberal MIT license.
If you're already on that route you might be interested in the heimdal-wrapper module by Univention. Its license is GPL. Not sure whether they support the Set Password protocol though. Ciao, Michael. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Python-LDAP-dev mailing list Python-LDAP-dev@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
