Skip to content

Latest commit

 

History

History
executable file
·
165 lines (116 loc) · 5.92 KB

README.md

File metadata and controls

executable file
·
165 lines (116 loc) · 5.92 KB

Active Directory Password Reset Service PyPass Logo

PyPass: A self-service password change utility for Active Directory

⭐ Please star this project if you find it useful!

Overview

PyPass is a very simple 1-page web application written in Python, using Flask , Angular Material, Ldap3, and Microsoft Directory Services (Default provider).

It allows users to change their Active Directory password on their own, provided the user is not disabled.

PyPass does not require any configuration, as it obtains the principal context from the current domain. There really is no free alternative out there (that I know of) so hopefully this saves someone else some time and money.

Features

PyPass has the following features:

  • Easily localizable
  • Supports reCAPTCHA
  • Responsive design that works on mobiles, tablets, and desktops.
  • Works with Windows/Linux servers.

Installation

You can easily install using Python3 and Flask. Check the next section to know how.

To enable ldap services in the server(Windows) you need to install the Certificate services on the server. Follow this steps to do it

Docker

  1. Just clone the repo and Modify the config.json file with the correct entries.

  2. After run the follow docker command:

    >>>docker build -t pypass:latest .
    
  3. Run the Docker command to run the image:

    >>>docker run --dns <ip of your DNS server or AD> --name pypaxs -d -p 80:5000 --rm pypass:latest
    

By default the container will be run in the port:5000 and localhost. With this command you can route the port to the 80 or any you prefer.

Customization and Configuration

All server-side settings and client-side settings are stored in the src/config.json file inside the APP folder. The most relevant configuration entries are shown below. Make sure you make your changes to the config.json file using a regular text editor like Visual Studio Code or sublime Text.

This is the Format of the config file:

{
  "SECRET_KEY_FLASK": "werewtrwetewrwer53535353",
  "SLACK_BOT_TOKEN" : "xoxb-",
  "domain": "domain.com",
  "BASEDN": "OU=Users,dc=domain,dc=com",
  "user_admin" : "admin-user",
  "passwd_admin" : "password_admin",
  "slack_db" : "slack_db.json",
  "Slack_Activation" : "False",
  "debug": "True",
  "company": "DIGITALEBRAIN",
  "RECAPTCHA_PUBLIC_KEY": "GOOGLE CODE",
  "RECAPTCHA_PRIVATE_KEY": "GOOGLE CODE"
}
  1. To enable The Secret Key in the App: Find the SECRET_KEY_FLASK entry and enter your private key: To create your personal SECRET_KEY_FLASK In a command promt do the following:

    >>>python3
    Python 3.7.2
    [Clang 10.0.0 (clang-1000.11.45.5)] on darwin
    Type "help", "copyright", "credits" or "license" for more information.
    >>> import secrets
    >>> stk = secrets.token_hex(16)
    >>> print(stk)

    Copy the code in the entrie.

  2. Find the SLACK_BOT_TOKEN entry and enter your Slack Token To get your slack Token follow this steps and your Token need to start with xoxb-

  3. For the AD Credentials need to have admin priviligies or the user be able to change passwords.

    "domain": "domain.com",
    "BASEDN": "OU=Users,dc=domain,dc=com",
    "user_admin" : "admin-user",
    "passwd_admin" : "password_admin",

Slack

  1. To enable and use the slack notification, you need to download the slack DB in a file and put in the same folder SRC FOLDER of the config file.

    • To Download the Slack DB do the follow.
    • Create a Python file and put this code:
    import json
    from slackclient import SlackClient
    
    SLACK_BOT_TOKEN = "xoxb-YOUR-TOKEN"
    data = json.dumps(sc.api_call("users.list"), indent=4, sort_keys=True)
    print(data)

    Once in the command promt line export the results in a JSON file:

    >>>python3 slack_file.py >> slack_db.json
    

    The File have to be in the src folder and put the complete name of the file in the entrie "slack_db" : "slack_db.json", Once you have that change the "Slack_Activation" : "False" to True.

  2. Put the Recaptcha Codes in the entries:

    "RECAPTCHA_PUBLIC_KEY": "GOOGLE CODE",
    "RECAPTCHA_PRIVATE_KEY": "GOOGLE CODE"

    To get this codes click in this link

  3. The rest of the configuration entries are all pretty much all UI strings. Change them to localize, or to brand this utility, to meet your needs.

Troubleshooting

  • None Reported

LDAP Support

  • None reported

Build your own version

If you need to modify the source code (either backend or frontend). You require Python3 and Flask.

Note -

License

PyPass is open source software and MIT licensed. Please star this project if you like it.