搭建ldap自助修改密码系统--Self Service Password

参考文章：https://www.cnblogs.com/imcati/p/9396808.html

官方文档：https://ltb-project.org/documentation/self-service-password

https://ltb-project.org/documentation/self-service-password/1.3/install_debian

我的操作系统是Ubuntu 18.04 64位，已有LAMP环境，SSP软件用的是1.3稳定版。参照了自行加源，apt方式的安装。也试过下载deb包，用dpkg -i的方式安装，都是可以的。

1. 在安装完之后，在/etc/apache2/sites-available/下会有一个self-service-password.conf文件，自行修改server name（ssp.example.com），将建立一个虚拟主机。

在/etc/apache2/sites-enable/目录下，建立self-service-password.conf的连接(ln -s)，重启apache2。

2. 访问ssp.example.com,可以看到Self Service Password页面了。

这时，会看到有个错误，需要修改安装目录/usr/share/self-service-password/conf下的config.inc.php文件，找到$keyphrase = "secret"; 将secret修改成任意字串。重新访问就可以了。

3. 根据官方的建议，在安装目录/usr/share/self-service-password/conf下增加一个配置文件config.inc.local.php，这样后续升级不会破坏自己的配置。用这个文件配置LDAP服务器和smtp邮件服务。

配置如下：

//Server address
$ldap_url = "ldap://ldap.example.com:389";

//Credentials
$ldap_binddn = "cn=manager,dc=example,dc=com";
$ldap_bindpw = "secret";

$who_change_password = "manager";

//Search parameters
$ldap_base = "ou=People,dc=example,dc=com";
$ldap_filter = "(&(objectClass=person)(uid={login}))";

//mail
$mail_attribute = "mail";
$mail_address_use_ldap = false;
$mail_from = "scm_admin@example.com";
$mail_from_name = "账号密码重置";
$mail_signature = "";
# Notify users anytime their password is changed
$notify_on_change = true;
# PHPMailer configuration (see https://github.com/PHPMailer/PHPMailer)
$mail_sendmailpath = '/usr/sbin/sendmail';
$mail_protocol = 'smtp';
$mail_smtp_debug = 2;
$mail_debug_format = 'error_log';
$mail_smtp_host = '192.168.88.10';
$mail_smtp_auth = "login";
$mail_smtp_user = 'scm_admin';
$mail_smtp_pass = '123456';
$mail_smtp_port = 25;
$mail_smtp_timeout = 30;
$mail_smtp_keepalive = false;
$mail_smtp_secure = '';
$mail_smtp_autotls = true;
$mail_contenttype = 'text/plain';
$mail_wordwrap = 0;
$mail_charset = 'utf-8';
$mail_priority = 3;
$mail_newline = PHP_EOL;

4.重新访问self-service-password页面，可以访问通过旧密码修改新密码，也可以通过邮件重置密码了。