Hook into django-allauth

django-allauth in core will fire a signal on password change. We can leverage django-auth-ldap's mechanism of binding as the authenticating user after being asked to authenticate with the old password to get a context in which we can call the LDAP Modify Password extended operation.

On registration, we can act as well.