Adding PWM, a Free Password Reset Tool, to a Windows Network

People asking you to reset their passwords all the time?

Would it lighten your workload to have them reset it themselves with a web-based interface?

Trying to implement a better password policy to break your users out of bad practices?

Well, there’s a Microsoft service that can handle this for you. But there are license costs. And it turns out that it’s actually not even as good as the open source alternative: PWM. This is a very powerful, self-service password reset tool that integrates with your existing MS Active Directory infrastructure using LDAP.

This guide will show you how to configure PWM start to finish with SSL cert installation and MYSQL database setup included.

I will be using Ubuntu Server 16.04 for this guide. I have tried with 18.04 but with varying degrees of success. It seems that 18.04, at the time of writing this article, has some compatibility issues with some of the packages that get installed in the process.

The official installation instructions are actually pretty good – even a Windows guy like me could figure out most of it. But I got stuck a bit trying to configure the SSL certificates and configuring PWM to use a remote database. Having taken the effort to figure these bits out, I wanted to share what I’d done to make it easier for the next guy 🙂

Read more “Adding PWM, a Free Password Reset Tool, to a Windows Network”