AD password field for userModifyPassword is not userPassword but unicodePwd and must be quoted and unicoded
On LDAP Auth with LDAP user DB, when connecting to an Active Directory on LDAPS, the user can't modify his password.
(N.B.: LDAPS is necessary to be allowed to change a password on an AD.)
I found that it is due to the LDAP field used to provide the password in LL::NG: userPassword.
See /usr/share/perl5/Lemonldap/NG/Portal/_LDAP.pm, in the userModifyPassword function.
I fixed it by changing the field to 'unicodePwd' instead of 'userPassword' and by adding quotes and unicoding the password.
See the attached patch (for v1.2.1):
    my $npass;
    # Add quotes and uniCode: wrap the password in double quotes and
    # append a NUL byte to each character
    map { $npass .= "$_\000" } split( //, "\"$newpassword\"" );
    # Use standard modification
    $mesg = $self->modify( $dn, replace => { unicodePwd => $npass } );
In my case it fixes the issue, but it would be better to choose userPassword when connecting to a standard LDAP server (OpenLDAP for instance) and unicodePwd when connecting to an Active Directory. I don't know how to do that ... counting on the core team ;-)
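
One way to make the choice between userPassword and unicodePwd described above, as an added example that is not part of the original report or of LL::NG's code. It assumes the server type is decided from the rootDSE supportedCapabilities values (Active Directory advertises OID 1.2.840.113556.1.4.800 there); the helper names and the sample password are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use utf8;
use Encode qw(encode);

# OID that Active Directory advertises in the rootDSE supportedCapabilities
# attribute (LDAP_CAP_ACTIVE_DIRECTORY_OID).
use constant AD_CAPABILITY_OID => '1.2.840.113556.1.4.800';

# Hypothetical helper: true if the capability list read from the rootDSE
# identifies an Active Directory server.
sub is_active_directory {
    my (@capabilities) = @_;
    return scalar grep { $_ eq AD_CAPABILITY_OID } @capabilities;
}

# Hypothetical helper: build the unicodePwd value, i.e. the password wrapped
# in double quotes and encoded as UTF-16LE. Unlike appending "\000" to each
# character, Encode also gives correct output for characters outside
# Latin-1 (for example the euro sign).
sub ad_unicode_pwd {
    my ($password) = @_;
    return encode( 'UTF-16LE', qq{"$password"} );
}

# Hypothetical helper: the "replace" argument to pass to Net::LDAP->modify.
# For a standard LDAP server the password is sent as UTF-8 octets.
sub password_replace_op {
    my ( $password, @capabilities ) = @_;
    return is_active_directory(@capabilities)
      ? { unicodePwd   => ad_unicode_pwd($password) }
      : { userPassword => encode( 'UTF-8', $password ) };
}

# Constructed sample data, not taken from a real directory.
my @ad_caps   = ('1.2.840.113556.1.4.800');
my @open_caps = ();
for my $case ( [ 'AD', @ad_caps ], [ 'OpenLDAP', @open_caps ] ) {
    my ( $label, @caps ) = @$case;
    my $op = password_replace_op( 'Pässw0rd€', @caps );
    my ($attr) = keys %$op;
    printf "%-8s %-12s %s\n", $label, $attr, unpack( 'H*', $op->{$attr} );
}
```

With Net::LDAP the capability list can be read with `$ldap->root_dse( attrs => ['supportedCapabilities'] )->get_value( 'supportedCapabilities' )`, and the returned hash reference goes straight into `modify( $dn, replace => ... )`.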