Active Directory/LDAP password reset

Hi,

Is it possible to use privacyidea as a password reset portal for AD/LDAP?

I’ve tried to configure an editable user store but it’s not working to set
a new password.
Sometimes I’ve been able to edit user data from privacyidea, like
phonenumber etc. but not always…

It would be nice if you could log on the WebUI with OTP (I’ve got this
working) and then reset your password inside the WebUI (not working).
Or if we could use the password reset link in “Login Screen” of the WebUI,
to generate a SMS instead of email
This because often the password for email are stored in AD and user cannot
read the mail because the password is expired/forgotten.

Finally, I’m impressed of this nice 2FA system, good work :slight_smile:

Hi John,

So the user logs in to the webui and can not reset his password?
What is “not working”?

The reset link at the login screen was ment for self registered users. This
is why it is sent via Email.

Kind regards
CorneliusAm Donnerstag, 5. Januar 2017 16:37:57 UTC+1 schrieb John Olav Selland:

Hi,

Is it possible to use privacyidea as a password reset portal for AD/LDAP?

I’ve tried to configure an editable user store but it’s not working to set
a new password.
Sometimes I’ve been able to edit user data from privacyidea, like
phonenumber etc. but not always…

It would be nice if you could log on the WebUI with OTP (I’ve got this
working) and then reset your password inside the WebUI (not working).
Or if we could use the password reset link in “Login Screen” of the WebUI,
to generate a SMS instead of email
This because often the password for email are stored in AD and user cannot
read the mail because the password is expired/forgotten.

Finally, I’m impressed of this nice 2FA system, good work :slight_smile: