SquirrelMail  
Donations
News
About
Support
Security
Screen shots
Download
Plugins
Documentation
Sponsors
Bounties





Junk Email Filter






Security Notice
Phishing campain
Version 1.4.15
Security Upgrade
Plugins - Change LDAP Password
Category: Change password

Change_ldappass allows you to change your account password which is stored on an LDAP server. It complements the LDAP address book and (LDAP) Retreive User Data plugins on systems where IMAP authentication is done via LDAP. An extra tweak allows this plugin to update Samba encrypted password files as well (smbpasswd) for systems that also do Samba authentication via LDAP. This keeps the LDAP user account and the samba password file in sync. Just set up your LDAP server, search base, and optionally a managers login dn in config.php.

****NOTE: **** If you are using the samba password update facility in this plugin please upgrade to version 1.4. Prior versions contained a security vunerability where malicious users could execute shell commands as the webserver user.



Version 2.2
by Tomas Kuliavas on Jul 29, 2007
[ change_ldappass-2.2-1.4.0.tar.gz tarball (21328 d/l) Help ]
Requires: SquirrelMail 1.4.0 or later, PHP with LDAP support

Description:

This plugin version adds PHP Crack support and includes various fixes in code working with Samba passwords.

  • Added PHP Crack support.
  • Fixed escapes in detection of allowed password symbols. Thanks to Zend Studio.
  • config.php.sample renamed to config_sample.php.
  • Added Dutch translation by Tony den Haan. Closes SquirrelMail bug tracker (#1692115).
  • Added mkntpwd sources.
  • Samba-LDAP passwords are changed only when user entry supports Samba objectclass attributes. Thanks to AndrĂ©s Tarallo.
  • smbpasswd command updated to Samba 3.0.5+ smbpasswd syntax. Thanks to Tom Olson.
  • smbpasswd return code is used to detect status of operation instead of reading last line. Fixes invalid evaluation of smbpasswd output.
  • Configuration file is loaded with include_once.
  • Detect ldap filters enclosed in parenthesis. Thanks to Cleber P. de Souza.
  • Updated Lithuanian translation.

Older versions

Version 2.1
by Tomas Kuliavas on Jan 20, 2007
[ change_ldappass-2.1-1.4.0.tar.gz tarball (8616 d/l) Help ]
Requires: SquirrelMail 1.4.0 or later, PHP with LDAP support

Description:

Non-maintainer upload. Closes SquirrelMail bug tracker (#1606152).

  • Added $ldap_filter option.
  • Don't use 'None' mailbox name in displayPageHeader() function calls.


Version 2.0
by Tomas Kuliavas on Oct 7, 2006
[ change_ldappass-2.0-1.4.0.tar.gz tarball (7250 d/l) Help ]
Requires: SquirrelMail 1.4.0 or later, PHP with LDAP support

Description:

Non-maintainer upload designed to fix LDAP bind protocol and compatibility plugin issues. Closes SquirrelMail bug trackers #1255733, #1562911, #1567110. Thanks to [email protected], [email protected] and [email protected].

  • This plugin version is licensed under GPL. Older versions used BSD license.
  • Removed dependency on compatibility plugin. Minimal required SquirrelMail version increased to 1.4.0.
  • Added LDAP bind protocol version controls.
  • Removed pound symbol and space from list of allowed password characters.


Version 1.8
by Ray Ferguson on Dec 12, 2004
[ change_ldappass-1.8.tar.gz tarball (14863 d/l) Help ]
Requires: Compatibility plugin and ldap.

Description:
  • Merged patch from Joerg Pulz which corrects and extends samba password support
  • Added more i18n locales
  • Fixed general i18n crappyness.
  • Added a few options. See config.php.sample
  • MD5: 63970d47d3d9a20c8732a76a673e012f change_ldappass-1.8.tar.gz


Version 1.7
by Ray Ferguson on Mar 5, 2004
[ change_ldappass-1.7.tar.gz tarball (9593 d/l) Help ]
Requires: Compatibility program and ldap.

Description:
  • change ldap_sha_passwd function to leverage php sha1 builtin if you
  • are using php>=4.3.0. You now have a choice for sha & ssha support.
  • Use php with compiled in mhash libraries or php>=4.3.0.
  • added support for LanManager or NT compatable passwords in ldap. mkntpwd
  • added pt_BR locale
  • added support for ssha encryption.
  • fixed bug w/ bind as manager. We now bind before looking up dn which allows us to work on systems that do not allow anon query.
  • odds and ends, some stuff, and some things.


Version 1.6
by Ray Ferguson on Jul 26, 2003
[ change_ldappass-1.6.tar.gz tarball (8637 d/l) Help ]
Requires: Compatibility Plugin

Description: Added SMD5 support and merged polish locale.

Version 1.5
by Ray Ferguson on May 15, 2003
[ change_ldappass-1.5.tar.gz tarball (7365 d/l) Help ]
Requires: SquirrelMail >=1.2.8 &

Description:

NOTE NEW DEPENDENCY: Compatibility Plugin

New features: SM-1.4 compatibility, and i18n support. Bug fixes etc.



Version 1.4
by Simon Annetts on Jan 8, 2003
[ change_ldappass-1.4.tar.gz tarball (9958 d/l) Help ]
Requires: SquirrelMail >=1.2.8 and an LDAP server I guess...

Description: Fixed a security hole and added support for unencrypted passwords for those users that keep hassling me about it ;-)
****NOTE: **** If you are using the samba password update facility in this plugin please upgrade to this version Prior versions contained a security vunerability where malicious users could execute shell commands as the webserver user.

Version 1.3
by Simon Annetts on Oct 29, 2002
[ This version is not available. You might be able to get it by asking on the "squirrelmail-plugins" mailing list or by contacting the author. ]
Requires: SquirrelMail 1.2.8 and an LDAP server I guess...

Description: Changed password detection to support salted DES, MD5 and BLOWFISH as well as unsalted MD5 and SHA. Unsalted MD5 and SHA are *untested* by me but based on other users contributed code. Please give me feedback on their fitness.... Fixed bugs pointed out by other people. Improved binding techniques, - we bind anonymously to get the users dn, then bind as the user. Removed global variables for register_globals = off in SQM 1.2.8

Version 1.2
by Simon Annetts on Apr 17, 2002
[ This version is not available. You might be able to get it by asking on the "squirrelmail-plugins" mailing list or by contacting the author. ]
Requires: SquirrelMail >= 1.0.1, LDAP server

Description: Ver 1.2, Apr 15 2002 - Added MD5 password support with autodetect.
Added code necessary to support MD5 passwords as well as original crypt passwords. Autodetection is done by looking at the length of the password and the first three characters (should always be $1$ for MD5).

Ver 1.1, Nov 16 2001 - Changed authentication options.
Added an option which selects whether to bind to the LDAP server as manager or as the current user before attempting to change the password.

Version 1.0
by Simon Annetts on Mar 25, 2001
[ This version is not available. You might be able to get it by asking on the "squirrelmail-plugins" mailing list or by contacting the author. ]
Requires: SquirrelMail >= 1.0.1, LDAP server

Description: Initial version.

If you have problems with the download or decompressing...
Internet Explorer
Right-click on the file, then select "Save Target As"
Firefox, Mozilla, Netscape
Right-click on the file, then select "Save Link As"
Opera
Right-click on the file, then select "Save Link Document As"
Lynx and Links
Press "d" on the link to download the file directly.
  • Untarring problems: Your browser might have un-gzipped it for you automatically. Try just "tar xvf" instead of "tar xvfz". Also, the plugins archive isn't gzipped (it is a tarball of .tar.gz files)
  • Macintosh users: Just hold down your mouse button to get the menu instead of right-clicking.
  • If all else fails, seek our help
© 1999-2016 by The SquirrelMail Project Team