Clément "KPTN" OUDOT
Clément "KPTN" OUDOT
Ok, so it is for password change feature, not password reset. Most of the time, the LDAP directory will block the account. But we can indeed maybe use rate limit...
Not for the moment, we do this on our spare time. It this need is for an organization, you can ask for professional services: https://ltb-project.org/professionalservices.html
No but you can use `getenv()` to get the password value from env.
A simple search on internet gives me this: https://dev.to/fadymr/php-create-your-own-php-dotenv-3k2i
@ranyhs Hi. Active Directory does not allow to read entries anonymously. As said by @faust64 you must a technical account to search the directory. This account can be a simple...
Most of the time "Constraint violation" means the submitted password is not strong enough, so refused by AD. Check your password policy settings on AD.
Are you sure to have configured LDAPS to connect to Active Directory? This is mandatory.
Hi @ranyhs thanks for the details. Sadly I don't know how to resolve this. Seems the code was working for older AD versions but maybe not for recent ones. If...
Looking at this official documentation, we are doing the right thing: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/6e803168-f140-4d23-b2d3-c3a8ab5917d2?redirectedfrom=MSDN > If the Modify request contains a delete operation containing a value Vdel for unicodePwd followed by an...
You can first set debug to true in SSP. But this will not really help to understand why AD is rejecting the change. You must get logs on AD side....