Web app Self-service password
Self-service password allows LDAP user to manage their credentials by themselves. :-)
Contents
Requirements
You need both a LDAP and Web server to use this application.
- LDAP server
- Apache 2
- Apache2 ldap mod enable
- php5-ldap extension
Sources
- Download links: http://ltb-project.org/wiki/download#self_service_password
- Official documentation: http://ltb-project.org/wiki/documentation/self-service-password
Installation
Get application
- Download the latest .tar.gz archive from the official website: http://ltb-project.org/wiki/download#self_service_password
cd /var/www/
wget http://tools.ltb-project.org/attachments/download/497/ltb-project-self-service-password-0.8.tar.gz
tar xzvf ltb-project-self-service-password-0.8.tar.gz
rm ltb-project-self-service-password-0.8.tar.gz
mv ltb-project-self-service-password-0.8/ self-service-password
chown -R www-data:www-data self-service-password
Configuration
Edit configuration
cd /var/www/self-service-password/conf/
cp config.inc.php config.inc.php.backup
vim config.inc.php
Edit / adjust following lines:
$ldap_url = "ldap://localhost:389";
$ldap_binddn = "cn=admin,dc=vehco,dc=com";
$ldap_bindpw = "secret";
$ldap_base = "dc=vehco,dc=com";
$ldap_login_attribute = "uid";
$ldap_fullname_attribute = "cn";
$ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";
$keyphrase = "ThisIsAnIncrediblePassphraseThatWillBlockHackersAndCrazyPersonsToAccessTheServerOrAtLeastItWillHelpThinkingThat";
Apache2 security
Edit your Virtual Host configuration:
Alias /self-service-password /var/www/self-service-password
<Directory /var/www/self-service-password>
ProxyPass !
Options Indexes FollowSymLinks MultiViews
## Old apache 2 (before 2.4)
order deny,allow
#allow from all
Allow from 127.0.0.1 192.168.1.0/24
## Apache 2.4
require local
require ip 192.168.1
require host dev.daxiongmao.eu
</Directory>
Reload apache2 configuration
service apache2 reload
That's all! You can go to http://myserver/self-service-password
