<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
 lang="en" dir="ltr">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<!-- metadata -->
<meta name="generator" content="Offline" />
<meta name="version" content="Offline 0.1" />
<!-- style sheet links -->
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />

</head>
<body>
<div class="dokuwiki export">




<h1><a name="reset_password_by_mail" id="reset_password_by_mail">Reset password by mail</a></h1>
<div class="level1">

</div>
<!-- SECTION "Reset password by mail" [1-38] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">

<p>

<acronym title="LemonLDAP::NG">LL::NG</acronym> can propose a password reset form, for users who loose their password (this kind of application is also called a self service password interface).
</p>

<p>
Kinematics:
</p>
<ul>
<li class="level1"><div class="li"> User clicks on the link <code>Reset my password</code></div>
</li>
</ul>

<p>
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step1.png?id=documentation%3A1.3%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step1.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step1.png" class="mediacenter" alt="" width="600" /></a>
</p>
<ul>
<li class="level1"><div class="li"> User enters his email (or another information) in the password reset form</div>
</li>
<li class="level1"><div class="li"> <acronym title="LemonLDAP::NG">LL::NG</acronym> try to find the user in users database with the given information</div>
</li>
</ul>

<p>
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step2.png?id=documentation%3A1.3%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step2.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step2.png" class="mediacenter" alt="" width="600" /></a>
</p>
<ul>
<li class="level1"><div class="li"> A mail with a token is sent to user</div>
</li>
</ul>

<p>
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step3.png?id=documentation%3A1.3%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step3.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step3.png" class="mediacenter" alt="" width="600" /></a>
</p>
<ul>
<li class="level1"><div class="li"> The user click on the link in the mail</div>
</li>
</ul>

<p>
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step4.png?id=documentation%3A1.3%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step4.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step4.png" class="mediacenter" alt="" width="600" /></a>
</p>
<ul>
<li class="level1"><div class="li"> <acronym title="LemonLDAP::NG">LL::NG</acronym> validate the token and propose a password change form</div>
</li>
<li class="level1"><div class="li"> The user can choose a new password or ask to generate one</div>
</li>
</ul>

<p>
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step2.png?id=documentation%3A1.3%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step2.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step2.png" class="mediacenter" alt="" width="600" /></a>
</p>
<ul>
<li class="level1"><div class="li"> The new password is sent to user</div>
</li>
</ul>

<p>
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step5.png?id=documentation%3A1.3%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step5.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step5.png" class="mediacenter" alt="" width="600" /></a>
</p>

<p>
<p><div class="notetip">If <a href="../../documentation/1.3/authldap.html" class="wikilink1" title="documentation:1.3:authldap">LDAP backend</a> is used, and <acronym title="Lightweight Directory Access Protocol">LDAP</acronym> password policy is enabled, the &#039;password reset flag is set to true when password is generated, so that the user is forced to change his password on next connection. This feature can be disabled in <a href="../../documentation/1.3/authldap.html" class="wikilink1" title="documentation:1.3:authldap">LDAP configuration</a>.
</div></p>
</p>

<p>
<p><div class="notetip">If the user do a new password reset request but there is already a request pending, the user can ask the confirmation mail to be resent. The request validity time is a configuration parameter.
</div></p>
</p>

</div>
<!-- SECTION "Presentation" [39-1551] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">

<p>

The reset password link must be activated, see <a href="../../documentation/1.3/portalcustom.html#other_parameters" class="wikilink1" title="documentation:1.3:portalcustom">portal customization</a>.
</p>

<p>
Then go in Manager, <code>General Parameters</code> » <code>Advanced Parameters</code> » <code>Password management</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym></strong>:</div>
<ul>
<li class="level2"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym> Server</strong>: <acronym title="Internet Protocol">IP</acronym> or hostname of the <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server</div>
</li>
<li class="level2"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym> User</strong>: <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> user if authentication is required</div>
</li>
<li class="level2"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym> Password</strong>: <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> password if authentication is required</div>
</li>
</ul>
</li>
</ul>

<p>

<p><div class="notetip">
</p>
<ul>
<li class="level1"><div class="li"> If no <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server is configured, the mail will be sent via the local sendmail program. Else, Net::<acronym title="Simple Mail Transfer Protocol">SMTP</acronym> module is required to use the <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server</div>
</li>
<li class="level1"><div class="li"> The <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server value can hold the port, for example: <code>mail.example.com:25</code></div>
</li>
<li class="level1"><div class="li"> If authentication is configured, Authen::SASL and <acronym title="Multipurpose Internet Mail Extension">MIME</acronym>::Base64 modules are required</div>
</li>
</ul>

<p>

</div></p>

</p>
<ul>
<li class="level1"><div class="li"> <strong>Mail headers</strong>:  </div>
<ul>
<li class="level2"><div class="li"> <strong>Mail sender</strong>: address seen in the “From” field (default: noreply@[DOMAIN])</div>
</li>
<li class="level2"><div class="li"> <strong>Reply address</strong>: address seen in the “Reply-To” field</div>
</li>
<li class="level2"><div class="li"> <strong>Mail charset</strong>: Charset used for the body of the mail (default: utf-8)</div>
</li>
</ul>
</li>
</ul>
<ul>
<li class="level1"><div class="li"> <strong>Mail content</strong>:</div>
<ul>
<li class="level2"><div class="li"> <strong>Success mail subject</strong>: Subject of mail sent when password is changed (default: [LemonLDAP::NG] Your new password)</div>
</li>
<li class="level2"><div class="li"> <strong>Success mail content</strong> (optional): Content of mail sent when password is changed</div>
</li>
<li class="level2"><div class="li"> <strong>Confirmation mail subject</strong>: Subject of mail sent when password change is asked (default: [LemonLDAP::NG] Password reset confirmation)</div>
</li>
<li class="level2"><div class="li"> <strong>Confirmation mail content</strong> (optional): Content of mail sent when password change is asked</div>
</li>
</ul>
</li>
</ul>

<p>

<p><div class="noteimportant">
By default, mail content are empty in order to use <acronym title="HyperText Markup Language">HTML</acronym> templates:
</p>
<ul>
<li class="level1"><div class="li"> portal/skins/common/mail_confirm.tpl</div>
</li>
<li class="level1"><div class="li"> portal/skins/common/mail_password.tpl</div>
</li>
</ul>

<p>

If you define mail contents in Manager, <acronym title="HyperText Markup Language">HTML</acronym> templates will not be used.

</div></p>

</p>
<ul>
<li class="level1"><div class="li"> <strong>Other</strong>:</div>
<ul>
<li class="level2"><div class="li"> <strong>Page <acronym title="Uniform Resource Locator">URL</acronym></strong>: <acronym title="Uniform Resource Locator">URL</acronym> of password reset page (default: [PORTAL]/mail.pl)</div>
</li>
<li class="level2"><div class="li"> <strong>Regexp for password generation</strong>: Regular expression used to generate the password (default: [A-Z]{3}[a-z]{5}.\d{2})</div>
</li>
<li class="level2"><div class="li"> <strong>Validity time of a password reset request</strong>: number of seconds for password reset request validity. During this period, user can ask the confirmation mail to be resent (default: session timeout value)</div>
</li>
<li class="level2"><div class="li"> <strong>Session key containing mail address</strong>: name of the session key containing email address. This value will be used to know to which recipient the has to be sent (default: mail).</div>
</li>
</ul>
</li>
</ul>

</div>
<!-- SECTION "Configuration" [1552-] --></div><!-- closes <div class="dokuwiki export">-->