AuthTool¶
AuthTool is a self-service password reset and SSH public key management application for OpenLDAP directories.
Features include:
- Forgotten passwords can be reset using a token sent by email.
- Forgotten username reminders can be sent by email.
- Passwords can be changed using the current password.
- SSH public keys can be validated and added or deleted.
Prerequisites¶
This application makes many assumptions about your LDAP server’s configuration and schema.
LDAP Schema¶
- The sshPublicKey schema from the openssh-ldap-publickey project.
- The
posixUser
objectClass - The
sambaSamAccount
objectClass
LDAP Configuration¶
This application assumes anonymous binds are permitted for obtaining limited user information. A service account is used for administrative operations such as setting passwords.