Docker image to a web interface to change and reset password in an LDAP directory https://github.com/ltb-project/self-service-password
Automated builds of the image are available on Dockerhub and is the recommended method of installation.
docker pull moss/selfservicepassword:1.0You can also pull the latest tag which is built from the repository HEAD
docker pull moss/selfservicepassword:latestAlternatively you can build the image locally.
docker build -t moss/selfservicepassword github.com/moss/docker-selfservicepasswordThe quickest way to get started is using docker-compose.
wget https://raw.githubusercontent.com/moss/docker-selfservicepassword/master/docker-compose.yml
wget https://raw.githubusercontent.com/moss/docker-selfservicepassword/master/.envStart Self Service Password using:
docker-compose up| Parameter | Description |
|---|---|
DEBUG |
Set this to true to enable entrypoint debugging. |
LDAP_SERVER: |
Ldap server. No default. |
LDAP_STARTTLS: |
Enable TLS on Ldap bind. No default. |
LDAP_BINDDN: |
Ldap bind dn. No default. |
LDAP_BINDPASS: |
Ldap bind password. No default. |
LDAP_BASE_SEARCH: |
Base where we can search for users. No default. |
LDAP_LOGIN_ATTRIBUTE: |
Ldap property used for user searching. Defaults to uid |
LDAP_FULLNAME_ATTRIBUTE: |
Ldap property to get user fullname. Defaults to cn |
ADMODE: |
Specifies if LDAP server is Active Directory LDAP server. If your LDAP server is AD, set this to true. Defaults to false. |
AD_OPT_FORCE_UNLOCK: |
Force account unlock when password is changed. Default to false. |
AD_OPT_FORCE_PWD_CHANGE: |
Force user change password at next login. Defaults to false. |
AD_OPT_CHANGE_EXPIRED_PASSWORD: |
Allow user with expired password to change password. Defaults to false. |
SAMBA_MODE: |
Samba mode, if is true update sambaNTpassword and sambaPwdLastSet attributes too; if is false just update the password. Defaults to false. |
SHADOW_OPT_UPDATE_SHADOWLASTCHANGE: |
If true update shadowLastChange. Defaults to false. |
PASSWORD_HASH: |
Hash mechanism for password: SSHA SHA SMD5 MD5 CRYPT clear (the default) auto (will check the hash of current password) This option is not used with ad_mode = true |
PASSWORD_MIN_LENGTH: |
Minimal length. Defaults to 0 (unchecked). |
PASSWORD_MAX_LENGTH: |
Maximal length. Defaults to 0 (unchecked). |
PASSWORD_MIN_LOWERCASE: |
Minimal lower characters. Defaults to 0 (unchecked). |
PASSWORD_MIN_UPPERCASE: |
Minimal upper characters. Defaults to 0 (unchecked). |
PASSWORD_MIN_DIGIT: |
Minimal digit characters. Defaults to 0 (unchecked). |
PASSWORD_MIN_SPECIAL: |
Minimal special characters. Defaults to 0 (unchecked). |
PASSWORD_NO_REUSE: |
Dont reuse the same password as currently. Defaults to true. |
PASSWORD_SHOW_POLICY: |
Show policy constraints message: always never onerror. Defaults to never |
PASSWORD_SHOW_POLICY_POSITION: |
Position of password policy constraints message: above below - the form. Defaults to above |
WHO_CAN_CHANGE_PASSWORD: |
Who changes the password? Also applicable for question/answer save user: the user itself manager: the above binddn. Defaults to user |
QUESTIONS_ENABLED: |
Use questions/answers? true or false. Defaults to true |
LDAP_MAIL_ATTRIBUTE: |
LDAP mail attribute. Defaults to mail |
MAIL_FROM: |
Who the email should come from. Defaults to admin@example.com |
MAIL_FROM_NAME: |
Name for MAIL_FROM. Defaults to No Reply |
NOTIFY_ON_CHANGE: |
Notify users anytime their password is changed. Defaults to false |
SMTP_DEBUG: |
SMTP debug mode (following https:////github.com/PHPMailer/PHPMailer instructions). Defaults to 0 |
SMTP_HOST: |
SMTP host. No default. |
SMTP_AUTH_ON: |
Force smtp auth with SMTP_USER and SMTP_PASS. Defaults to false |
SMTP_USER: |
SMTP user. No default. |
SMTP_PASS: |
SMTP password. No default. |
SMTP_PORT: |
SMTP port. Defaults to 587 |
SMTP_SECURE_TYPE: |
SMTP secure type to use. ssl or tls. Defaults to tls |
USE_SMS: |
Enable sms notify. (Disabled on this image). Defaults to false |
IS_BEHIND_PROXY: |
Enable reset url parameter to accept reverse proxy. Defaults to false |
SHOW_HELP: |
Display help messages. Defaults to true. |
LANG: |
Language (NOT WORKING YET). Defaults to en. |
DEBUG_MODE: |
Debug mode. Defaults to false. |
SECRETEKEY: |
Encryption, decryption keyphrase. Defaults to secret. |
USE_RECAPTCHA: |
Use Google reCAPTCHA (http://www.google.com/recaptcha). Defaults to false |
RECAPTCHA_PUB_KEY: |
Go on the site to get public key |
RECAPTCHA_PRIV_KEY: |
Go on the site to get private key |
DEFAULT_ACTION: |
Default action: change sendtoken sendsms. Defaults to change |