Reset a LDAP Password with PHP

Question

How can I reset a LDAP password in PHP?
I already have a connection to the LDAP Server.

Answer 1

I fell on this so many times while searching a solution ... What works for me using Symfony 5.1 :

# app/config/packages/security.yaml

services:
Symfony\Component\Ldap\Ldap:
    arguments: ['@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter']
Symfony\Component\Ldap\Adapter\ExtLdap\Adapter:
    arguments:
        -   host: ADServerIP
            port: 636
            encryption: ssl
            debug: true
            options:
                protocol_version: 3
                referrals: false

Then to change the password :

// Inject this
Symfony\Component\Ldap\Ldap $ldap ;

// Connect as superadmin
$ldap->bind('CN=Admin,CN=Users,DC=ADRMTW,DC=NET', 'adminN1cePassword');

$username = 'john.doe';
$newPassword = 'azerty!123';
$userPassword = mb_convert_encoding('"'.$newPassword.'"', 'utf-16le');
$query = $ldap->query('OU=users,DC=ADRMTW,DC=NET', "(&(objectclass=person)(sAMAccountName=$username))");
$result = $query->execute()->toArray();
$entry = $result[0];

$newEntry = new Entry($entry->getDn(), [
            'unicodePwd' => [$password],
        ]);
$ldap->getEntryManager()->update($newEntry);

Resource : https://support.microsoft.com/kn-in/help/269190/how-to-change-a-windows-active-directory-and-lds-user-password-through

Answer 2

Try the following code:

$dn = "uid=".$username.",dc=example,dc=com";
$newPassword = ...;
$newEntry = array('userpassword' => "{MD5}".base64_encode(pack("H*",md5($newPassword))));

if(ldap_mod_replace($ldapConnection, $dn, $newEntry))
    print "<p>succeded</p>";
else
    print "<p>failed</p>";

See:

http://php.net/manual/en/function.ldap-mod-replace.php

http://logout.sh/computers/ldap/