Use LDAP Modify Password ExtOp for updating passwords

By default the graph API will now use the LDAP Password Modify Extended
Operation for setting user passwords. By this we make sure that the
LDAP server can e.g. properly hash the password with an algorithm that
it supports.

This can be reverted to the old behaviour (using "normal" LDAP modify
requests) by setting GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP=false

Fixes: #3778
Ralf Haferkamp
2022-06-23 17:04:05 +02:00
committed by Ralf Haferkamp
parent 4e07daef53
commit 2cabf5bf5d
7 changed files with 103 additions and 35 deletions

@@ -46,6 +46,7 @@ func DefaultConfig() *config.Config {
CACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"),
BindDN: "uid=libregraph,ou=sysusers,o=libregraph-idm",
UseServerUUID: false,
UsePasswordModExOp: true,
WriteEnabled: true,
UserBaseDN: "ou=users,o=libregraph-idm",
UserSearchScope: "sub",
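
Review bot: `UsePasswordModExOp: true` in DefaultConfig() switches every deployment to the extended operation on upgrade, including ones that never set this option. The visible lines do not show what happens when the configured LDAP server does not support the Password Modify Extended Operation. Consider naming the new default and the opt-out (GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP=false) in the option's description and the upgrade notes, and making a password update that fails for this reason return an error that points at the setting.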