PHP LDAP change password page
I have recently implemented an SSO (Single Sign On) mechanism in one of my places and then I started to look for a simple quick-and-dirty way to allow the users to change their passwords via PHP.
I have found many complicated examples but I thought, come on, this is really one page I am looking for. So, I have written my own and now I am sharing it with you.
The page has only two variables at the beginning, letting you set the LDAP server hostname and the binding DN. The script behaves like this:
- It connects to ldap via anonymous binding.
- Searches for the user specified in the username field by doing a search on the uid= part of DN for any object matching the username.
- The found object (if only 1) is returned to get a full DN with real CommonName.
- PHP re-binds as the user using the “current” user password.
- New password is being hashed and ldap_modify is called on the DN.
- Optionally a confirmation email is sent to the address from mail attribute.
You will have to customize for your needs obviously but it is as simple as modyfying one function. Just for curiosity, write a comment if you have used it for your site in any way.
20 Comments » 

Some time ago I got myself a Nokia E-65 phone in UK’s Three network. It was quite new shiny and fancy. It had Skype running with Three, a bit underfeatured but prepared by Three. The phone however was slow like hell, it didn’t have Polish writing dictionary and hanged from time to time.