worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
LemonLDAP::NG Web SSO
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10599 Commits
107 Branches
123 Tags
109 MiB
 
 
 
 
 
Tag: Branch: Tree: b6c78511db
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b6c78511db'
${ noResults }
lemonldap-ng/doc/sources/admin/resetpassword.rst

91 lines
2.9 KiB
Raw Blame History

Reset password by mail
======================
Presentation
------------
LL::NG can propose a password reset form, for users who loose their
password (this kind of application is also called a self service
password interface).
Kinematics:
- User clicks on the link ``Reset my password``
- User enters his email (or another information) in the password reset
form
- LL::NG try to find the user in users database with the given
information
- A mail with a token is sent to user
- The user click on the link in the mail
- LL::NG validate the token and propose a password change form
- The user can choose a new password or ask to generate one
- The new password is sent to user by mail if user ask to generate one,
else the mail only confirm that the password was changed
.. tip::
If :doc:`LDAP backend<authldap>` is used, and LDAP password
policy is enabled, the 'password reset flag is set to true when password
is generated, so that the user is forced to change his password on next
connection. This feature can be disabled in
:doc:`LDAP configuration<authldap>`.
.. tip::
If the user do a new password reset request but there is
already a request pending, the user can ask the confirmation mail to be
resent. The request validity time is a configuration parameter.
Configuration
-------------
The reset password link must be activated, see
:ref:`portal customization<portalcustom-other-parameters>`.
The SMTP server must be setup, see :doc:`SMTP server setup<smtp>`.
Then go in Manager, ``General Parameters`` » ``Plugins`` »
``Password management`` :
- **Password reset mail content**:
- **Success mail subject**: Subject of mail sent when password is
changed (default: [LemonLDAP::NG] Your new password)
- **Success mail content** (optional): Content of mail sent when
password is changed
- **Confirmation mail subject**: Subject of mail sent when password
change is asked (default: [LemonLDAP::NG] Password reset
confirmation)
- **Confirmation mail content** (optional): Content of mail sent
when password change is asked
.. attention::
By default, mail content are empty in order to use HTML
templates:
- portal/skins/common/mail_confirm.tpl
- portal/skins/common/mail_password.tpl
If you define mail contents in Manager, HTML templates will not be used.
- **Other**:
- **Page URL**: URL of password reset page (default:
[PORTAL]/resetpwd)
- **Validity time of a password reset request**: number of seconds
for password reset request validity. During this period, user can
ask the confirmation mail to be resent (default: session timeout
value)
- **Display generate password box**: display a checkbox to allow
user to generate a new password instead of choosing one (default:
disabled)
::
* **Regexp for password generation**: Regular expression used to generate the password (default: [A-Z]{3}[a-z]{5}.\d{2})