官方网站:https://ltb-project.org/doku.php
官方简介:
Self Service Password is a PHP application that allows users to change their password in an LDAP directory.
The application can be used on standard LDAPv3 directories (OpenLDAP, OpenDS, ApacheDS, Sun Oracle DSEE, Novell, etc.) and also on Active Directory.
It has the following features:
-
Samba mode to change Samba passwords
-
Active directory mode
-
Local password policy:
-
Minimum/maximum length
-
Forbidden characters
-
Upper, Lower, Digit or Special characters counters
-
Reuse old password check
-
Complexity (different class of characters)
-
-
Help messages
-
Reset by questions
-
Reset by mail challenge (token sent by mail)
-
Reset by SMS (through external Email 2 SMS service)
-
reCAPTCHA (Google API)
-
Mail notification after password change
官方下载地址:https://github.com/ltb-project/self-service-password
csdn下载地址:https://download.csdn.net/download/zhangxueleishamo/10633202
环境需求: apache 、 php环境 yum -y install http php php-ldap mysql
ldap环境 安装 https://blog.csdn.net/zhangxueleishamo/article/details/81512157
软件安装:
一、yum 安装此软件
1、配置self-service-password的yum仓库
cat >> /etc/yum.repos.d/ltb-project.repo << “EOF”
[ltb-project-noarch]
name=LTB project packages (noarch)
baseurl=https://ltb-project.org/rpm/$releasever/noarch
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project
EOF2、安装 yum -y install self-service-password
二、如果仓库安装不成功,手动安装
yum -y install apr libzip php-common apr-util http-tools mailcap.noarch php-cli php-ldap php-mcrypt sendmail重启systemctl restart httpd
三、配置apache依赖
cat > /etc/httpd/conf.d/self-service-password.conf << “EOF”
Listen 8888
<VirtualHost *:8888>
ServerAdmin myself.ldap.com
DocumentRoot /var/www/html/self-service-password
DirectoryIndex index.php
AddDefaultCharset UTF-8
Alias /ssp /var/www/html/self-service-password
<Directory “ /var/www/html/self-service-password”>
AllowOverride None
Require all granted
</Directory>
LogLevel warn
ErrorLog /var/log/httpd/ssp_error_log
CustomLog /var/log/httpd/ssp_access_log combined
</VirtualHost>
EOF重启systemctl restart httpd
四、配置self-service-password 配置文件
vim /var/www/html/self-service-password/conf/config.inc.php
#######配置依赖ldap#########
$ldap_url = "ldap://192.168.5.121:389";
$ldap_starttls = false;
$ldap_binddn = "cn=admin,dc=ldap,dc=com";
$ldap_bindpw = "123456";
$ldap_base = "ou=people,dc=ldap,dc=com";
$ldap_login_attribute = "cn";
$ldap_fullname_attribute = "cn";
$ldap_filter = "(&(objectClass=inetOrgPerson)($ldap_login_attribute={login}))";
$keyphrase = "ilanni";#######配置依赖mail#############
$mail_attribute = "mail";
$mail_address_use_ldap = false;
$mail_from = [email protected]";
$mail_from_name = "Self Service Password";
$mail_signature = "";
# Notify users anytime their password is changed
$notify_on_change = true;
# PHPMailer configuration (see https://github.com/PHPMailer/PHPMailer)
$mail_sendmailpath = '/usr/sbin/sendmail';
$mail_protocol = 'smtp';
$mail_smtp_debug = 2;
$mail_debug_format = 'error_log';
$mail_smtp_host = 'mail.com.cn';
$mail_smtp_auth = "login";
$mail_smtp_user = '[email protected]';
$mail_smtp_pass = '1234567890';
$mail_smtp_port = 25;
$mail_smtp_timeout = 30;
$mail_smtp_keepalive = false;
$mail_smtp_secure = '';
$mail_smtp_autotls = true;
$mail_contenttype = 'text/plain';
$mail_wordwrap = 0;
$mail_charset = 'utf-8';
$mail_priority = 3;
$mail_newline = PHP_EOL;配置完成后 重启systemctl restart httpd
五、访问 http://192.168.5.121:8888
注:
menu.php 选项配置
images 图片 头 ico logo 存储
lang 语言包
lang/zh-CN.inc.php 中文提示消息等 存储
