LDAP POPPass Daemon

What it is

This is a POP password daemon that changes passwords in an LDAP directory.

LDAP Directory Structure

The format of the RDN is "uid=<USER_ID>". An example DN is:

uid=mojahed,ou=dialin,dc=agni,dc=com

I know, most people prefer to use cn in the RDN. But we are an ISP. We need the cn only when preparing the bill or sending a personalized mail to the client, which generally does not happen more than once or twice a month. Using uid in the RDN also makes it easy to insure unique user IDs.

LDAP Schema

The userPassword attribute must be present, this is obvious! ldppassd saves the time of the password change in aPassChangedTimestamp. If you do not want this feature, remove -DUPDATE_CHPASS_TIME in the Makefile. For an example schema look here.

Download

Download the source code from here

Implementation Notes

Poppassd is a simple text based protocol. But it was never standardized. As a result, not all implementations are exactly same. This is true for this implementation too. You should be aware of these details:

The validity of username and current password is not checked until the "quit" is received.
The password is not updated until the "quit" is received

These "details" should not break any well behaved client.

Installation

Download and unpack the source tar ball
Edit the Makefile if necessary
make
Copy the binary to a place you think a network daemon should be
Copy the example configuration file to /usr/local/etc and edit it
Add a line similar to this to your /etc/services:
```
  pop3pw       106/tcp
	
```
Add a line similar to this to your /etc/inetd.conf:
```
  pop3pw  stream  tcp nowait  USER  /path/to/ldap_poppassd ldap_poppassd
	
```
Replace USER with a non-privileged user name.
Send a HUP signal to your inetd

Related Software

ldppassd is actually written to work with our patched Cistron RADIUS server. You may be interested in this LDAP patch for Cistron

Contact

Please send any bug reports, improvement suggestions or flame to mojahed@agni.com

Modified: 01-Apr-2001