搭建ldap自助修改密码系统--Self Service Password-HQY 一个和谐有爱的空间

29

2019
11
14:51:37

搭建ldap自助修改密码系统--Self Service Password

2019-08-15 20:52:31

服务安装：

  安装依赖：yum install php70-ldap.x86_64 -y (版本尽量大于5.3，否则会提示更新php程序)
                 yum install httpd -y
  安装Self Service Password：yum install https://ltb-project.org/rpm/6Server/noarch/self-service-password-1.1-1.el6.noarch.rpm

配置apache: /etc/httpd/conf.d/self-service-password.conf

            NameVirtualHost *:80<VirtualHost *:80>
        ServerName ssp.xinniu.com        DocumentRoot /usr/share/self-service-password        DirectoryIndex index.php        AddDefaultCharset UTF-8   <Directory "/usr/share/self-service-password">
            AllowOverride None            Allow from all
</Directory>
        LogLevel warn        ErrorLog /var/log/httpd/ssp_error_log        CustomLog /var/log/httpd/ssp_access_log combined</VirtualHost>

配置Self Service Password,支持密码修改和邮件重置： vim /usr/share/self-service-password/conf/config.inc.php

这个文件配置项太多了，只写一下改动的

$ldap_url = "ldap://172.xx.xx.xx:389";$ldap_starttls = false;$ldap_binddn = "cn=admin,dc=xxxx,dc=com";$ldap_bindpw = "****";$ldap_base = "dc=xxxx,dc=com";$ldap_login_attribute = "uid";$ldap_fullname_attribute = "cn";$ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";$mail_from = "msg_data@xxxx.com";$mail_from_name = "Self Service Password";$mail_signature = "";$notify_on_change = true;
https://github.com/PHPMailer/PHPMailer)$mail_sendmailpath = '/usr/sbin/sendmail';$mail_protocol = 'smtp';$mail_smtp_debug = 0;$mail_debug_format = 'html';$mail_smtp_host = 'localhost';$mail_smtp_auth = true;$mail_smtp_user = 'msg_data@xxxxx.com';$mail_smtp_pass = 'xxxxx;$mail_smtp_port = 25;keyphrase = "secret";

配完后
systemctl restart httpd

完成之后，测试系统是否可以使用
打开页面
搭建ldap自助修改密码系统--Self Service Password
d
修改密码时不用输入整个dn，直接输入前缀就可以了