User self-service portal for OpenLDAP

Alvin Siew
Apr 9, 2021


If you're an engineer who recently set up OpenLDAP to manage user access for all your applications, then you are probably facing an issue where users cannot change or reset their own passwords.

OpenLDAP does not ship with a web client. The web-based client most commonly used with OpenLDAP is phpLDAPadmin. phpLDAPadmin is used for LDAP administration but does not have a self-service option for LDAP users.

I have set up OpenLDAP as an identity provider for all our applications (Vault, Artifactory, OpenVPN, Linux servers, etc.). Thus, when there is a new joiner or someone quits the company, the engineer only needs to add or remove that user in OpenLDAP instead of in each application. People tend to forget or misplace their passwords, and the engineer then needs to reset them. The only way for the development team to change their password is to SSH into one of the Linux servers and use the command line, but that was not feasible, as our team includes other roles such as UX, Product Owner and Delivery Manager who do not have access to the Linux servers. As our team grew from 20 to 50 people, the task of resetting passwords grew too. This also generates more work for the engineering team.

I could not find an easy solution on the market that could address my problem: a self-service portal for users to reset and change their passwords. This triggered me to create my own self-service portal, which I call LDAPSS (LDAP Self Service). LDAPSS is easy to set up and requires no installation; it can be deployed by copying the binary to a Linux server (which can be the OpenLDAP server). With LDAPSS, users can now simply go to the portal to change and reset their passwords. The engineer is also relieved of the low-value task of resetting user passwords.

https://github.com/alvinsiew/ldap-self-service
