Password reset through SASL
Dan White
dwhite at olp.net
Mon Jul 25 22:56:02 EDT 2011
On 25/07/11 14:30 -0400, Conger,Keith wrote:
>Hi,
>
>Does anyone know if its possible to reset a password when using OpenLDAP
>with Cyrus SASL to an 2008 Active Directory either through GSSAPI or
>LDAPS. I've read that you you can change a password, but we need to be
>able to reset with an administrative level account when a user forgets
>their password.
Although I haven't used it, Windows Password Synchronization:
http://technet.microsoft.com/en-us/library/bb463208.aspx
might be an option.
Passwords can be changed directly against AD using a kerberos password
utility (kpasswd).
Based on what little experience I've had with AD 2003, Active Directory
does not seem to provide an LDAP based password changing function (Password
ExOp).
--
Dan White
More information about the Cyrus-sasl
mailing list