Skip to content
/ ldap-passwd-webui Public
forked from jirutka/ldap-passwd-webui

Very simple web interface for changing password stored in LDAP or Active Directory (Samba 4 AD).

License

MIT license
0 stars 70 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

magna-z/ldap-passwd-webui

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
doc
doc
 
 
static
static
 
 
.dockerignore
.dockerignore
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
CHANGELOG.adoc
CHANGELOG.adoc
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.adoc
README.adoc
 
 
app.py
app.py
 
 
index.tpl
index.tpl
 
 
requirements.txt
requirements.txt
 
 
settings.ini.example
settings.ini.example
 
 

Repository files navigation

Web UI for changing LDAP password

The aim of this project is to provide a very simple web form for users to be able to change their password stored in LDAP or Active Directory (Samba 4 AD). It’s built with Bottle, a WSGI micro web-framework for Python.

Installation

Clone this repository and install dependencies:

git clone git@github.com:jirutka/ldap-passwd-webui.git
cd ldap-passwd-webui
pip install -r requirements.txt

Requirements

Configuration

Configuration is read from the file settings.ini. You may change location of the settings file using the environment variable CONF_FILE.

If you have Active Directory (or Samba 4 AD), then you must use encrypted connection (i.e. LDAPS or StartTLS) – AD doesn’t allow changing password via unencrypted connection.

Run it

There are multiple ways how to run it:

Run with the built-in server

Simply execute the app.py:

python3 app.py

Then you can access the app on http://localhost:8080. The port and host may be changed in settings.ini.

Run with Waitress

cd ldap-passwd-webui
waitress-serve --listen=*:8080 app:application

Run with uWSGI and nginx

If you have many micro-apps like this, it’s IMO kinda overkill to run each in a separate uWSGI process, isn’t it? It’s not so well known, but uWSGI allows to “mount” multiple application in a single uWSGI process and with a single socket.

Sample uWSGI configuration:
[uwsgi]
plugins = python3
socket = /run/uwsgi/main.sock
chdir = /var/www/scripts
logger = file:/var/log/uwsgi/main.log
processes = 1
threads = 2
# map URI paths to applications
mount = /admin/ldap-passwd-webui=ldap-passwd-webui/app.py
#mount = /admin/change-world=change-world/app.py
manage-script-name = true
Sample nginx configuration as a reverse proxy in front of uWSGI:
server {
    listen 443 ssl;
    server_name example.org;

    ssl_certificate     /etc/ssl/nginx/nginx.crt;
    ssl_certificate_key /etc/ssl/nginx/nginx.key;

    # uWSGI scripts
    location /admin/ {
        uwsgi_pass  unix:/run/uwsgi/main.sock;
        include     uwsgi_params;
    }
}

Screenshot

screenshot

License

This project is licensed under MIT License. For the full text of the license, see the LICENSE file.

About

Very simple web interface for changing password stored in LDAP or Active Directory (Samba 4 AD).

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • Python 56.0%
  • CSS 24.6%
  • Smarty 19.4%