-----

 Password changing in Roundcube - Centos 

# vi /etc/roundcubemail/config.inc.php

$config['plugins'] = array('xskin', 'password');

OR

$config['plugins'] = array('password');

plugins

cp /usr/share/roundcubemail/plugins/password/config.inc.php.dist /usr/share/roundcubemail/plugins/password/config.inc.php

#   cd /usr/share/roundcubemail/plugins/password

# cp config.inc.php.dist  config.inc.php

# vi /usr/share/roundcubemail/plugins/password/config.inc.php

$config['password_db_dsn'] = 'mysql://postfixadmin:MYSQLpassword@localhost/postfixadmin';

$config['password_query'] = 'UPDATE mailbox SET password = %c, modified=now() WHERE username = %u LIMIT 1';

# systemctl restart httpd

----------------------

vi /etc/roundcubemail/config.inc.php

$config['plugins'] = array('xskin', 'password');

roundcube password plugin with sql driver and mysql encrypt

https://serverfault.com/questions/575389/howto-setup-roundcube-password-plugin-with-sql-driver-and-mysql-encrypt-using-ra

.../plugins/password/README and .../plugins/password/config.inc.php.dist

# vi /usr/share/roundcubemail/plugins/password/config.inc.php

$config['password_driver'] = 'sql';

$config['password_confirm_current'] = true;

$config['password_minimum_length'] = 8;

$config['password_require_nonalpha'] = false;

$config['password_log'] = false;

$config['password_login_exceptions'] = null;

// If the server is accessed via fqdn, replace localhost by the fqdn:

$config['password_hosts'] = array('127.0.0.1');

$config['password_force_save'] = true;

// SQL Driver options

$config['password_db_dsn'] = 'mysql://user:pass@localhost/maildb';

// SQL Update Query with encrypted password using random 8 character salt

$config['password_query'] = 'UPDATE users SET crypt=ENCRYPT(%p,CONCAT(_utf8\'$5$\',RIGHT(MD5(RAND()),8),_utf8\'$\')) WHERE id=%u LIMIT 1';

Assuming you will use the same mysql user for the password plugin to update the password, you have to GRANT SELECT and UPDATE privileges on the table 'users' in 'maildb' to the 'roundcube' mysql user:

Configuring the password plugin

We urge our users to change their passwords frequently. So we need to give them a chance to actually do that. Copy the default configuration file /usr/share/roundcube/plugins/password/config.inc.php to the right place:

cp /usr/share/roundcube/plugins/password/config.inc.php.dist /etc/roundcube/plugins/password/config.inc.php

The configuration file at /etc/roundcube/plugins/password/config.inc.php requires a couple of changes though. We need to tell it how our database works and what to do when a user wants to change their password. The first setting deals with the minimal length of the password. I recommend to enforce at least 10 characters. In fact the complexity of the password is not that important. Consider XKCD as food for thought on password security. So set:

$config['password_minimum_length'] = 10;

We should allow the user to use the old password as the new password. It may sound stupid but as we are upgrading the password scheme from the weak unsalted MD5 to the better SHA2 algorithm we should allow that:

$config['password_force_save'] = true;

Next the password plugin needs to know how to access your database:

$config['password_db_dsn'] = 'mysql://mailuser:ChangeMe@127.0.0.1/mailserver';

Replace “ChangeMe” by the randomly generated password you created earlier for the “mailuser” MySQL user.

Now tell the plugin how to actually write the new password hash into the database:

$config['password_query'] = "UPDATE virtual_users SET password=CONCAT('{SHA256-CRYPT}', ENCRYPT (%p, CONCAT('$5$', SUBSTRING(SHA(RAND()), -16)))) WHERE email=%u;";

----

Roundcube Password change plugin

o enable the email account password change option from roundcube, you can add the following in file:

/usr/local/apache/htdocs/roundcube/config/main.inc.php

Don’t forget to replace your postfix user “PASSWORD”

$rcmail_config['plugins'] = array('password'); $rcmail_config['password_driver'] = 'sql'; $rcmail_config['password_db_dsn'] = 'mysql://postfix:PASSWORD@localhost/postfix'; $rcmail_config['password_query'] = "UPDATE mailbox SET password=CONCAT('{PLAIN-MD5}', MD5(%p)),modified=NOW() WHERE username=%u LIMIT 1";

You can find your postfix password here:

grep pass /etc/postfix/mysql-virtual_mailbox_maps.cf

                                                                                   -----------------

Enable Roundcube Plugins

Roundcube comes with a number of plugins which are disabled by default. In this guide we will enable password and managesieve plugins. This plugins will allow users to create sieve filters and change their passwords from within the Roundcube interface.

/var/www/roundcubemail/config/config.inc.php

// Enable plugins $config['plugins'] = array('managesieve','password'); // Configure managesieve plugin $rcmail_config['managesieve_port'] = 4190; // Configure password plugin $config['password_driver'] = 'sql'; $config['password_db_dsn'] = 'mysql://postfixadmin:P4ssvv0rD@localhost/postfixadmin'; $config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';

Copy

                                                                                         ----------

                             ------------------------X-------------------------------------------------

If you want to set up the Roundcube password plugin on a mail system that is administered with Postfixadmin, you could be in a small trouble, because it’s not supported by default.

Here are the steps,  how to adapt it’s configuration:

• 1.  after you have activated the plugin within Roundcube, go to the plugin directory ~/pluigins/password and copy or rename the file config.inc.php.dist to config.inc.php  and adjust the options according to your needs

  2.  there are two lines that you’ll have to edit specifically, to set the plugin to access the SQL table created by Postfixadmin:

Around line 45, the $config[‘password_db_dsn’] – you’ll have to define the exact way that Postfiadmin is accessing the mailbox table in the database, otherwise it will default to Roundcube’s database (which is totally wrong, your mailbox passwords are defined withing Postfixadmin’s database). So it’ll look something like:

      $config[‘password_db_dsn’] = ‘mysql://username:password@localhost/postfixadmin’

where the /postfixadmin at the end is the name of the database the Postfixadmin uses (postfixadmn is the default)

And the 2nd line you need to se it the database query that will edit the password in Postfixadmin’s mailbox table around line 65:

     $config[‘password_query’] = ‘UPDATE mailbox SET password = %c, modified=now() WHERE username = %u LIMIT 1’;

                                     ----------------------X----------------------------

UPDATE `mailserver`.`virtual_users` SET password='%c' WHERE domain_id='%u';

----------------------------------------

Using The Roundcubemail Password Plugin (Optional)

Let your users change their password using roundcubemail instead of postfixadmin.

Edit /etc/roundcubemail/main.inc.php and find the lines and make the changes below:

find:

change to:

Now lets configure the password plugin. 

> cd /usr/share/roundcubemail/plugins/password/ 

> cp config.inc.php.dist config.inc.php

Edit config.inc.php

find:

change to:

find:

change to:

Restart apache. 

> service httpd restart

-------------