WebMail Pro documentation

Password change via LDAP

Introduction

This module allows for changing user account password stored on LDAP server.

It is assumed that mailserver users are authenticated via IMAP and SMTP and their passwords are actually stored on LDAP server, so changing password there will result in changing password for email account as well.

Installation

If you have installed WebMail Pro from Git, you can follow the instructions for adding a module. If you've installed the product from ZIP, there's a simple approach available.

  • Download ZIP archive of the module at https://github.com/afterlogic/aurora-module-ldap-change-password-plugin/archive/master.zip
  • under modules directory of WebMail Pro installation, create LdapChangePasswordPlugin subdirectory
  • extract contents of aurora-module-ldap-change-password-plugin-master directory of ZIP archive into subdirectory you've created
  • log into your WebMail Pro installation, to make sure the module and its settings are initialized

Configuration

After installing the module, you should find its configuration file at data/settings/modules/LdapChangePasswordPlugin.config.json:

{
{
    "Disabled": [
        false,
        "bool"
    ],
    "SupportedServers": [
        ["*"],
        "array"
    ],
    "SearchDn": [
        "ou=Users,dc=afterlogic,dc=com",
        "string"
    ],
    "Host": [
        "127.0.0.1",
        "string"
    ],
    "Port": [
        389,
        "int"
    ],
    "BindDn": [
        "cn=Administrator,dc=afterlogic,dc=com",
        "string"
    ],
    "BindPassword": [
        "secret",
        "string"
    ],
    "HostBackup": [
        "",
        "string"
    ],
    "PortBackup": [
        389,
        "int"
    ],
    "PasswordType": [
        "clear",
        "string"
    ],
    "SearchAttribute": [
        "mail",
        "string"
    ],
    "PasswordAttribute": [
        "userPassword",
        "string"
    ]
}

Of course, you will need to adjust those settings according to your LDAP server setup.

For SupportedServers, you need to supply array of mailserver hostnames or IP addresses the feature is enabled for. If you put "*" item there, it means the feature is enabled for all accounts.

Additionally, the plugin uses the following parameters found in data/settings/config.json file:

  • 'PasswordMinLength' - defines minimal number of characters the password must have;
  • 'PasswordMustBeComplex' - if set to true, the password has to include at least one digit and at least one non-alphanumeric character.

To make sure "Change Password" button is displayed, set Disabled to false in data/settings/modules/ChangePasswordWebclient.config.json configuration file.