This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

How to add password reset option in roundcube
#1
How to add password reset option in roundcube
Hello Everyone,
I installed sentora on my ubuntu 14.04 VPS. Everything works great. I want to add password reset/change option in roundcube web interface or roundcube's login page. how to do that? i don't want to login in control panel to change passwords because i can't share zadmin/zuser password to my office users and they have to option to change password.
Thank you so much.
Reply
Thanks given by:
#2
RE: How to add password reset option in roundcube
Search the forum issue already discussed here.

You need to enable a plugin for that.

M B
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask

200$ free to start your VPS 60 days credit
Reply
Thanks given by:
#3
RE: How to add password reset option in roundcube
I didn’t find any link Sad can you give me the link please?
Reply
Thanks given by:
#4
RE: How to add password reset option in roundcube
Not to be rude or something but you know there is an search option on every forum there is?
First and only result if you search on "roundcube password". Smile

My Sentora DemoMy GithubAuxio Github
Zentora themeS-Type themeCstyleX theme
flat-color-iconssmall-n-flat-icons

Sentora's development takes way too long, so i'm transitioning to HestiaCP.
Reply
Thanks given by:
#5
RE: How to add password reset option in roundcube
Hi guys,

I followed this guide:

We already have all installed with the current sentora installer to get this feature. After a bit of reading in docs here is all that needs to be done:

in /etc/sentora/configs/roundcube/main.inc.php (row 378) replace:
Code:
$rcmail_config['plugins'] = array('managesieve');

with

$rcmail_config['plugins'] = array('managesieve','password');
This turns on the already installed plugin.

in the plugin config file set this values:
/etc/sentora/panel/etc/apps/webmail/plugins/password/config.inc.php

Code:
$rcmail_config['password_driver'] = 'sql';
$rcmail_config['password_confirm_current'] = true;
$rcmail_config['password_minimum_length'] = 0;  # <- or set to minimum password length
$rcmail_config['password_require_nonalpha'] = false; #<- set to true to only allow more complex passwords
$rcmail_config['password_log'] = false;

// SQL Driver options
$rcmail_config['password_db_dsn'] = 'mysql://postfix:<<insert your real pasword here>>@localhost/sentora_postfix';
// Intended on fleshing this out a bit, but wanted to get something working first
$rcmail_config['password_query'] = 'UPDATE mailbox SET password=%D WHERE username=%u';
$rcmail_config['password_idn_ascii'] = false;
// Also tried making a shell script called dovecotpw that just passes the arguments on to doveadm pw, no difference
$rcmail_config['password_dovecotpw'] = '/usr/bin/doveadm pw';
$rcmail_config['password_dovecotpw_method'] = 'PLAIN-MD5';
$rcmail_config['password_dovecotpw_with_method'] = true;

After those two steps are done every user logged into the webmail system is able to change his/her own password. Menu (Settings) -> Password

My problem is that doesn't work... Can you help me? I'm on Ubuntu 14.04. When I write the old password, the operation is OK. Sorry for my english... Wink
Reply
Thanks given by:
#6
RE: How to add password reset option in roundcube
Hi All,

I know it may be a bit late to post this. But I just successfully enable to change password function in Roundcube and I spotted few things that some new users like me that did not. So I would like to highlight few key things to make it work just to help out others in need

The above guide is working, but whoever that try to apply the changes need to read through as you may need to change some lines . Here what need to be change:


Quote:$rcmail_config['password_db_dsn'] = 'mysql://postfix:<<insert your real pasword here>>@localhost/sentora_postfix';

look at underlined section, over here you need to replace it with your own mysql password for the user 'postfix'


Quote:/etc/sentora/panel/etc/apps/webmail/plugins/password/config.inc.php

Also for this part where the file located, you may encounter the filename as config.inc.php.dist so what you need to do is to rename it to config.inc.php to activate it, or else the function will still disable


NOTE: If you encounter issue something like "decryption not available" you need to check your config line


Quote:$config['password_query'] = 'UPDATE mailbox SET password=%D WHERE username=%u';

By default it uses %D where it means it uses dovecotpw. If you would like to use that, you need to change the dovecotpw path in config.inc.php file to the right path. If you don't have dovecotpw, you can either compile your own or use other options in the config.


That's all! Thanks!
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
Reply
Thanks given by:
#7
RE: How to add password reset option in roundcube
(07-12-2015, 07:55 PM)Dimenxion Wrote: Hi All,

I know it may be a bit late to post this. But I just successfully enable to change password function in Roundcube and I spotted few things that some new users like me that did not. So I would like to highlight few key things to make it work just to help out others in need

The above guide is working, but whoever that try to apply the changes need to read through as you may need to change some lines . Here what need to be change:


Quote:$rcmail_config['password_db_dsn'] = 'mysql://postfix:<<insert your real pasword here>>@localhost/sentora_postfix';

look at underlined section, over here you need to replace it with your own mysql password for the user 'postfix'


Quote:/etc/sentora/panel/etc/apps/webmail/plugins/password/config.inc.php

Also for this part where the file located, you may encounter the filename as config.inc.php.dist so what you need to do is to rename it to config.inc.php to activate it, or else the function will still disable


NOTE: If you encounter issue something like "decryption not available" you need to check your config line


Quote:$config['password_query'] = 'UPDATE mailbox SET password=%D WHERE username=%u';

By default it uses %D where it means it uses dovecotpw. If you would like to use that, you need to change the dovecotpw path in config.inc.php file to the right path. If you don't have dovecotpw, you can either compile your own or use other options in the config.


That's all! Thanks!
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';


Could not save new password.
message appearing when i change password. How to fix this issue
Reply
Thanks given by:
#8
RE: How to add password reset option in roundcube
here too...
please, help us.



(07-26-2015, 08:29 AM)sknd Wrote:
(07-12-2015, 07:55 PM)Dimenxion Wrote: Hi All,

I know it may be a bit late to post this. But I just successfully enable to change password function in Roundcube and I spotted few things that some new users like me that did not. So I would like to highlight few key things to make it work just to help out others in need

The above guide is working, but whoever that try to apply the changes need to read through as you may need to change some lines . Here what need to be change:


Quote:$rcmail_config['password_db_dsn'] = 'mysql://postfix:<<insert your real pasword here>>@localhost/sentora_postfix';

look at underlined section, over here you need to replace it with your own mysql password for the user 'postfix'


Quote:/etc/sentora/panel/etc/apps/webmail/plugins/password/config.inc.php

Also for this part where the file located, you may encounter the filename as config.inc.php.dist so what you need to do is to rename it to config.inc.php to activate it, or else the function will still disable


NOTE: If you encounter issue something like "decryption not available" you need to check your config line


Quote:$config['password_query'] = 'UPDATE mailbox SET password=%D WHERE username=%u';

By default it uses %D where it means it uses dovecotpw. If you would like to use that, you need to change the dovecotpw path in config.inc.php file to the right path. If you don't have dovecotpw, you can either compile your own or use other options in the config.


That's all! Thanks!
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';


Could not save new password.
message appearing when i change password. How to fix this issue
Reply
Thanks given by:
#9
RE: How to add password reset option in roundcube
open /etc/sentora/panel/etc/apps/webmail/plugins/password/config.inc.php

and past
Code:
<?php

// Password Plugin options
// -----------------------
// A driver to use for password change. Default: "sql".
// See README file for list of supported driver names.
$config['password_driver'] = 'sql';

// Determine whether current password is required to change password.
// Default: false.
$config['password_confirm_current'] = true;

// Require the new password to be a certain length.
// set to blank to allow passwords of any length
$config['password_minimum_length'] = 6;

// Require the new password to contain a letter and punctuation character
// Change to false to remove this check.
$config['password_require_nonalpha'] = false;

// Enables logging of password changes into logs/password
$config['password_log'] = false;

// Comma-separated list of login exceptions for which password change
// will be not available (no Password tab in Settings)
$config['password_login_exceptions'] = null;

// Array of hosts that support password changing. Default is NULL.
// Listed hosts will feature a Password option in Settings; others will not.
// Example:
//$config['password_hosts'] = array('mail.example.com', 'mail2.example.org');
$config['password_hosts'] = null;

// Enables saving the new password even if it matches the old password. Useful
// for upgrading the stored passwords after the encryption scheme has changed.
$config['password_force_save'] = false;


// SQL Driver options
// ------------------
// PEAR database DSN for performing the query. By default
// Roundcube DB settings are used.
$rcmail_config['password_db_dsn'] = 'mysql://postfix:MYPOSTFIXMYSQLPASSWORD@localhost/sentora_postfix';

// The SQL query used to change the password.
// The query can contain the following macros that will be expanded as follows:
//      %p is replaced with the plaintext new password
//      %c is replaced with the crypt version of the new password, MD5 if available
//         otherwise DES. More hash function can be enabled using the password_crypt_hash
//         configuration parameter.
//      %D is replaced with the dovecotpw-crypted version of the new password
//      %o is replaced with the password before the change
//      %n is replaced with the hashed version of the new password
//      %q is replaced with the hashed password before the change
//      %h is replaced with the imap host (from the session info)
//      %u is replaced with the username (from the session info)
//      %l is replaced with the local part of the username
//         (in case the username is an email address)
//      %d is replaced with the domain part of the username
//         (in case the username is an email address)
// Escaping of macros is handled by this module.
// Default: "SELECT update_passwd(%c, %u)"
//$config['password_query'] = 'SELECT update_passwd(%c, %u)';
$config['password_query'] = 'UPDATE mailbox SET password=CONCAT(\'{PLAIN-MD5}\',MD5(%p)) WHERE username=%u AND password=CONCAT(\'{PLAIN-MD5}\',MD5(%o)) LIMIT 1';

// By default the crypt() function which is used to create the '%c'
// parameter uses the md5 algorithm. To use different algorithms
// you can choose between: des, md5, blowfish, sha256, sha512.
// Before using other hash functions than des or md5 please make sure
// your operating system supports the other hash functions.
$config['password_crypt_hash'] = 'md5';

// By default domains in variables are using unicode.
// Enable this option to use punycoded names
$config['password_idn_ascii'] = false;

// Path for dovecotpw (if not in $PATH)
// $config['password_dovecotpw'] = '/usr/bin/doveadm pw';

// Dovecot method (dovecotpw -s 'method')
$config['password_dovecotpw_method'] = 'PLAIN-MD5';

// Enables use of password with crypt method prefix in %D, e.g. {MD5}$1$LUiMYWqx$fEkg/ggr/L6Mb2X7be4i1/
$config['password_dovecotpw_with_method'] = false;

// Using a password hash for %n and %q variables.
// Determine which hashing algorithm should be used to generate
// the hashed new and current password for using them within the
// SQL query. Requires PHP's 'hash' extension.
$config['password_hash_algorithm'] = 'sha1';

// You can also decide whether the hash should be provided
// as hex string or in base64 encoded format.
$config['password_hash_base64'] = false;


// Poppassd Driver options
// -----------------------
// The host which changes the password
$config['password_pop_host'] = 'localhost';

// TCP port used for poppassd connections
$config['password_pop_port'] = 106;


// SASL Driver options
// -------------------
// Additional arguments for the saslpasswd2 call
$config['password_saslpasswd_args'] = '';


// LDAP and LDAP_SIMPLE Driver options
// -----------------------------------
// LDAP server name to connect to.
// You can provide one or several hosts in an array in which case the hosts are tried from left to right.
// Exemple: array('ldap1.exemple.com', 'ldap2.exemple.com');
// Default: 'localhost'
$config['password_ldap_host'] = 'localhost';

// LDAP server port to connect to
// Default: '389'
$config['password_ldap_port'] = '389';

// TLS is started after connecting
// Using TLS for password modification is recommanded.
// Default: false
$config['password_ldap_starttls'] = false;

// LDAP version
// Default: '3'
$config['password_ldap_version'] = '3';

// LDAP base name (root directory)
// Exemple: 'dc=exemple,dc=com'
$config['password_ldap_basedn'] = 'dc=exemple,dc=com';

// LDAP connection method
// There is two connection method for changing a user's LDAP password.
// 'user': use user credential (recommanded, require password_confirm_current=true)
// 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW)
// Default: 'user'
$config['password_ldap_method'] = 'user';

// LDAP Admin DN
// Used only in admin connection mode
// Default: null
$config['password_ldap_adminDN'] = null;

// LDAP Admin Password
// Used only in admin connection mode
// Default: null
$config['password_ldap_adminPW'] = null;

// LDAP user DN mask
// The user's DN is mandatory and as we only have his login,
// we need to re-create his DN using a mask
// '%login' will be replaced by the current roundcube user's login
// '%name' will be replaced by the current roundcube user's name part
// '%domain' will be replaced by the current roundcube user's domain part
// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
// Exemple: 'uid=%login,ou=people,dc=exemple,dc=com'
$config['password_ldap_userDN_mask'] = 'uid=%login,ou=people,dc=exemple,dc=com';

// LDAP search DN
// The DN roundcube should bind with to find out user's DN
// based on his login. Note that you should comment out the default
// password_ldap_userDN_mask setting for this to take effect.
// Use this if you cannot specify a general template for user DN with
// password_ldap_userDN_mask. You need to perform a search based on
// users login to find his DN instead. A common reason might be that
// your users are placed under different ou's like engineering or
// sales which cannot be derived from their login only.
$config['password_ldap_searchDN'] = 'cn=roundcube,ou=services,dc=example,dc=com';

// LDAP search password
// If password_ldap_searchDN is set, the password to use for
// binding to search for user's DN. Note that you should comment out the default
// password_ldap_userDN_mask setting for this to take effect.
// Warning: Be sure to set approperiate permissions on this file so this password
// is only accesible to roundcube and don't forget to restrict roundcube's access to
// your directory as much as possible using ACLs. Should this password be compromised
// you want to minimize the damage.
$config['password_ldap_searchPW'] = 'secret';

// LDAP search base
// If password_ldap_searchDN is set, the base to search in using the filter below.
// Note that you should comment out the default password_ldap_userDN_mask setting
// for this to take effect.
$config['password_ldap_search_base'] = 'ou=people,dc=example,dc=com';

// LDAP search filter
// If password_ldap_searchDN is set, the filter to use when
// searching for user's DN. Note that you should comment out the default
// password_ldap_userDN_mask setting for this to take effect.
// '%login' will be replaced by the current roundcube user's login
// '%name' will be replaced by the current roundcube user's name part
// '%domain' will be replaced by the current roundcube user's domain part
// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
// Example: '(uid=%login)'
// Example: '(&(objectClass=posixAccount)(uid=%login))'
$config['password_ldap_search_filter'] = '(uid=%login)';

// LDAP password hash type
// Standard LDAP encryption type which must be one of: crypt,
// ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, ad or clear.
// Please note that most encodage types require external libraries
// to be included in your PHP installation, see function hashPassword in drivers/ldap.php for more info.
// Default: 'crypt'
$config['password_ldap_encodage'] = 'crypt';

// LDAP password attribute
// Name of the ldap's attribute used for storing user password
// Default: 'userPassword'
$config['password_ldap_pwattr'] = 'userPassword';

// LDAP password force replace
// Force LDAP replace in cases where ACL allows only replace not read
// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
// Default: true
$config['password_ldap_force_replace'] = true;

// LDAP Password Last Change Date
// Some places use an attribute to store the date of the last password change
// The date is meassured in "days since epoch" (an integer value)
// Whenever the password is changed, the attribute will be updated if set (e.g. shadowLastChange)
$config['password_ldap_lchattr'] = '';

// LDAP Samba password attribute, e.g. sambaNTPassword
// Name of the LDAP's Samba attribute used for storing user password
$config['password_ldap_samba_pwattr'] = '';

// LDAP Samba Password Last Change Date attribute, e.g. sambaPwdLastSet
// Some places use an attribute to store the date of the last password change
// The date is meassured in "seconds since epoch" (an integer value)
// Whenever the password is changed, the attribute will be updated if set
$config['password_ldap_samba_lchattr'] = '';


// DirectAdmin Driver options
// --------------------------
// The host which changes the password
// Use 'ssl://host' instead of 'tcp://host' when running DirectAdmin over SSL.
// The host can contain the following macros that will be expanded as follows:
//     %h is replaced with the imap host (from the session info)
//     %d is replaced with the domain part of the username (if the username is an email)
$config['password_directadmin_host'] = 'tcp://localhost';

// TCP port used for DirectAdmin connections
$config['password_directadmin_port'] = 2222;


// vpopmaild Driver options
// -----------------------
// The host which changes the password
$config['password_vpopmaild_host'] = 'localhost';

// TCP port used for vpopmaild connections
$config['password_vpopmaild_port'] = 89;


// cPanel Driver options
// --------------------------
// The cPanel Host name
$config['password_cpanel_host'] = 'host.domain.com';

// The cPanel admin username
$config['password_cpanel_username'] = 'username';

// The cPanel admin password
$config['password_cpanel_password'] = 'password';

// The cPanel port to use
$config['password_cpanel_port'] = 2087;


// XIMSS (Communigate server) Driver options
// -----------------------------------------
// Host name of the Communigate server
$config['password_ximss_host'] = 'mail.example.com';

// XIMSS port on Communigate server
$config['password_ximss_port'] = 11024;


// chpasswd Driver options
// ---------------------
// Command to use
$config['password_chpasswd_cmd'] = 'sudo /usr/sbin/chpasswd 2> /dev/null';


// XMail Driver options
// ---------------------
$config['xmail_host'] = 'localhost';
$config['xmail_user'] = 'YourXmailControlUser';
$config['xmail_pass'] = 'YourXmailControlPass';
$config['xmail_port'] = 6017;


// hMail Driver options
// -----------------------
// Remote hMailServer configuration
// true:  HMailserver is on a remote box (php.ini: com.allow_dcom = true)
// false: Hmailserver is on same box as PHP
$config['hmailserver_remote_dcom'] = false;
// Windows credentials
$config['hmailserver_server'] = array(
   'Server' => 'localhost', // hostname or ip address
   'Username' => 'administrator', // windows username
   'Password' => 'password' // windows user password
);


// Virtualmin Driver options
// -------------------------
// Username format:
// 0: username@domain
// 1: username%domain
// 2: username.domain
// 3: domain.username
// 4: username-domain
// 5: domain-username
// 6: username_domain
// 7: domain_username
$config['password_virtualmin_format'] = 0;


// pw_usermod Driver options
// --------------------------
// Use comma delimited exlist to disable password change for users
// Add the following line to visudo to tighten security:
// www  ALL=NOPASSWORD: /usr/sbin/pw
$config['password_pw_usermod_cmd'] = 'sudo /usr/sbin/pw usermod -h 0 -n';


// DBMail Driver options
// -------------------
// Additional arguments for the dbmail-users call
$config['password_dbmail_args'] = '-p sha512';


// Expect Driver options
// ---------------------
// Location of expect binary
$config['password_expect_bin'] = '/usr/bin/expect';

// Location of expect script (see helpers/passwd-expect)
$config['password_expect_script'] = '';

// Arguments for the expect script. See the helpers/passwd-expect file for details.
// This is probably a good starting default:
//   -telent -host localhost -output /tmp/passwd.log -log /tmp/passwd.log
$config['password_expect_params'] = '';


// smb Driver options
// ---------------------
// Samba host (default: localhost)
// Supported replacement variables:
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
$config['password_smb_host'] = 'localhost';
// Location of smbpasswd binary
$config['password_smb_cmd'] = '/usr/bin/smbpasswd';
And save

It works on my server
Sentora 1.0.3 on [Image: DO_Logo_Horizontal_Blue-3db19536.png]

-= Github =-  -= My Repo =-

My Modules
Reply
Thanks given by: davi-dns
#10
RE: How to add password reset option in roundcube
here not work, centos 7

:/
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
How to upgrade RoundCube rajeevrrs 0 2 ,111 11-01-2022, 10:19 PM
Last Post: rajeevrrs
can not send email - SMTP error on roundcube wolvepy 9 31 ,818 01-03-2020, 08:37 AM
Last Post: Telepuzik
Increase maximum size on import files (roundcube) dimnas 1 11 ,732 02-21-2018, 01:30 PM
Last Post: TGates

Forum Jump:


Users browsing this thread: 7 Guest(s)