I'm working on a patchset to be able to change the user password in LDAP, when a user is updating his profile.
Till now I've added a selection (atm only SSHA) for used Passwordhashed to the server admin and also a field, which is storing the attr of the user password.
For the authentication plugin I've craeted a field, which indicates if password change should be also done in LDAP and depending on this field the forms of the user profile are changeable (passwords).
My problem is now, that I cannot find anything about, what hooks, functions I need to override or programm to be able to change the user password also in ldap, when the submit is done.
It would be really nice, if someone could give me just some hints, where to search for the needed information.
| Comment | File | Size | Author |
|---|---|---|---|
| ldap_plugin_pw_change.patch | 16.68 KB | mfulz |
Comments
Comment #1
johnbarclay commentedSee #1111000: LDAP User: add functions for modifying ldap user entries and passwords
Looks like this patch is against ldap authentication. It should probably be against ldap profile? Or how do you see the drupal 7 versions of the various ldap data modules?
Comment #2
mfulz commentedCould you explain, what you mean by ldap profile?
My problem is, that I'm very new to drupal.
I did the patch against ldap authentication, because there is the function "_ldap_authentication_from_user_profile_form_alter", which disables the password fields of the user.
Comment #3
johnbarclay commentedIn drupal 7, its unclear which ldap module should deal with resetting passwords. My feeling is something like:
http://groups.drupal.org/node/159604
http://groups.drupal.org/node/167304
Password resetting is not in the scope of ldap_server, ldap_authentication, ldap_authorization, and ldap_feeds modules which are in the 7.x-1.x branch.
It may be within the scope of ldap profile in the 7.x-2.x branch (http://drupalcode.org/project/ldap.git/tree/refs/heads/7.x-2.x)
Comment #4
jbarwick commentedI get the following:
But, I want to use Drupal as the "organization's password management site" !!!!!!!
I know LDAP module isn't done...but...this feature should really be added.
Comment #5
johnbarclay commentedMy feeling is this should go in 7.x-2.0 and that it should be part of an ldap_user module that deals with general ldap user to drupal user provisioning and synching of drupal user accounts and attributes. Including feeds integration and cron integration. This would replace ldap profile and the myriad of ldap_integration for drupal 6 modules that deal with drupal user data.
Comment #6
puddyglumThe reason I think this needs to be a part of ldap or ldap_authentication is because of the sheer importance of resetting or changing passwords. I'm surprised more people aren't talking about this missing feature.
Comment #7
puddyglumActually, this is very helpful: http://drupal.org/node/1111000
I'm creating a custom form that can use ldap_password_modify and it looks pretty good so far.
Comment #8
seworthi commentedI found an issue in the function _ldap_authentication_form_user_profile_form_alter(&$form, $form_state) [line 93ish in ldap_authentication.inc]. The ['#disabled'] = TRUE values should be changed to ['#access'] = FALSE to make them work.
Hope this helps.
Comment #9
johnbarclay commented@jmonkfish. Feel free to write a patch for ldap_authentication for resetting ldap passwords. Two key features is that its configurable to be on or off and be able to pick the ldap server conf to use to reset passwords. The latter is for use cases where more specific service account is used for resetting passwords.
Comment #10
johnbarclay commentedComment #11
johnbarclay commentedThis is in 7.x-2.x in ldap_user configuration. You can synch passwords from drupal to ldap.