ptrk Absent Member.
Absent Member.
9497 views

Change password whit ldapmodify

I am trying to change the password for a user whit ldapmodify. I´m running OES 2 och SLES 10.

What i´m really want to do is change severel password in a batch.

I´m trying whit this command

ldapmodify -x -ZZ -h 10.x.x.9 -p 389 -D "cn=admin,ou=xxx,o=xx" -W -vv -c -f ldapmod

The file ldapmod looks like this:

# Nokia, div, fu
dn: cn=Nokia,ou=div,o=fu
changetype: modify
delete: userPassword
add: userpassword
userPassword: password

I have tryed whit this to:

# Nokia, div, fu
dn: cn=Nokia,ou=div,o=fu
changetype: modify
replace: userPassword
userPassword: password

The output looks like this:

ldap_initialize( ldap://10.167.16.9:389 )
Enter LDAP Password:
delete userPassword:
password
delete add:
userpassword
modifying entry "cn=Nokia,ou=div,o=fu"
modify complete

It looks like the password changes but it doesnt work when i´m trying to log in.
Labels (2)
0 Likes
4 Replies
Knowledge Partner
Knowledge Partner

Re: Change password whit ldapmodify

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

How are you verifying it is working? Are you using Universal Password
(UP)? The 'replace' option is the most-common in my experience when an
administrator is making the changes and otherwise everything looks okay.
Your output looks a bit weird to me but maybe that is because of the '-vv'
switches you have.

If you have UP setup use diagpwd or DumpPasswordInformation.jar to see if
you can verify the password. iMonitor can also be used to see the
timestamps of various attribute (Public Key, for example) to ensure
something is changing on the user object and that is useful to know about.

Good luck.





ptrk wrote:
> I am trying to change the password for a user whit ldapmodify. I´m
> running OES 2 och SLES 10.
>
> What i´m really want to do is change severel password in a batch.
>
> I´m trying whit this command
>
> ldapmodify -x -ZZ -h 10.x.x.9 -p 389 -D "cn=admin,ou=xxx,o=xx" -W -vv
> -c -f ldapmod
>
> The file ldapmod looks like this:
>
> # Nokia, div, fu
> dn: cn=Nokia,ou=div,o=fu
> changetype: modify
> delete: userPassword
> add: userpassword
> userPassword: password
>
> I have tryed whit this to:
>
> # Nokia, div, fu
> dn: cn=Nokia,ou=div,o=fu
> changetype: modify
> replace: userPassword
> userPassword: password
>
> The output looks like this:
>
> ldap_initialize( ldap://10.167.16.9:389 )
> Enter LDAP Password:
> delete userPassword:
> password
> delete add:
> userpassword
> modifying entry "cn=Nokia,ou=div,o=fu"
> modify complete
>
> It looks like the password changes but it doesnt work when i´m trying
> to log in.
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJK4GYwAAoJEF+XTK08PnB5oP8P/29M7IZ5zuvI3VFSHUDdJ0b2
Z3spHKkm+P9He74DG3GqmITELuh7anO6JimAxCivniQBtt/EmCCfH/YizuCD52zH
esOUYsf6ZD0DTFyETr8NH/JtQ3hoOr4jK/gVcvuYdj2MXDI3C9tjw/xe8FDrX+z4
sGpRIe08zgGVttsxKMKeuw/pW0EJpNNt8WGqbbFiuRjRokrV5dBPBHGHeUuzmrRA
ugCN0ie3RPVS3PmD2P6UEPsc12XVmbKtP9bdSrtzimQYNLIWVQ9XbZ7f9OPe6XE8
1Vxbo51sxdvbxRdxzBT6IpNYQympraaZ8QLYY6lTP2XxCvB4iCpL8ssjXCtZNh3l
oEQG6y6DAshclkpT6hUNGqtUOtXne6heXsUnD/94hngqafr03Ni5wEuvGLHhSM/i
pz55XXdFVzDH7gNFiy2y/eNWKgxwYC2zvJv0E31lsq66yCXgmlTrq4KNH1RbD3Xj
D9bI7/zTmbEVXYDqCwsyimwH7dxmTJCk8W2DmAbLZlfz2ZmS8NRMUoJ10gI2ZTpY
3W8DHXEt4zT37mSDpSf5Ij8CFeGfDMaA7qez6cnNBd0czPbdltC0AehGQQzST0KX
r0xmEEK1K1a+UKm4oqL166i7RgYn8IbFdsBSNEjkTQfnqBEDgEbAnziZDpviubMG
ZE9V64dGn0ttpvEJoyiO
=/2jL
-----END PGP SIGNATURE-----
0 Likes
Brunold Rainer Absent Member.
Absent Member.

Re: Change password whit ldapmodify

ptrk,

beside the other questions from Aaron, can you try this format:

dn: cn=Nokia,ou=div,o=fu
changetype: modify
add: userpassword
userpassword: mynewpwd



Rainer
0 Likes
ptrk Absent Member.
Absent Member.

Re: Change password whit ldapmodify

brunold;1876903 wrote:
ptrk,

beside the other questions from Aaron, can you try this format:

dn: cn=Nokia,ou=div,o=fu
changetype: modify
add: userpassword
userpassword: mynewpwd



Rainer


I tryed modyfing the file according to your suggestion it didn´t change anything.

I have downloaded DumpPassword... when i ran it whit the folloing command:

C:\>java -jar DumpPasswordInformation.jar -dvAL -h 10.xxx.xxx.9 -D "cn=admin,ou=xxx,o=xx" -w "xxxxxxx" -b "ou=div,o=fu"
it resulted in the following output:

dn: cn=Nokia,ou=div,o=fu
dn: cn=jb,ou=div,o=fu

I belive that i dont use Universal Password there are no password policy in the imanager.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Change password whit ldapmodify

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you do not have Universal Password (UP) setup then the
DumpPasswordInformation.jar tool will not help you. I tried the following
tow LDIF samples and both worked in my eDirectory 8.8.5 FTF 1 environment
(SLES 10 SP2 x86_32 host) without issue:

<quote>
dn: cn=test0,ou=updisabled,o=novell,dc=org
changetype: modify
add: userpassword
userpassword: newpassword2
</quote>

<quote>
dn: cn=test0,ou=updisabled,o=novell,dc=org
changetype: modify
replace: userpassword
userpassword: newpassword2
</quote>

The users in this container explicitly have UP disabled (my entire tree
has it enabled otherwise) and I set these using my admin from 'ldapmodify'
that comes from the OpenLDAP package on SLED 11 x86_64. I tested logins
with ndslogin from the eDirectory server itself as follows:

sudo /opt/novell/eDirectory/bin/ndslogin test0.updisabled.novell.org

How are you testing logins?

Good luck.






ptrk wrote:
> brunold;1876903 Wrote:
>> ptrk,
>>
>> beside the other questions from Aaron, can you try this format:
>>

> Code:
> --------------------
> > > dn: cn=Nokia,ou=div,o=fu

> > changetype: modify
> > add: userpassword
> > userpassword: mynewpwd

> --------------------
>>
>> Rainer

>
> I tryed modyfing the file according to your suggestion it didn´t change
> anything.
>
> I have downloaded DumpPassword... when i ran it whit the folloing
> command:
>
> C:\>java -jar DumpPasswordInformation.jar -dvAL -h 10.xxx.xxx.9 -D
> "cn=admin,ou=xxx,o=xx" -w "xxxxxxx" -b "ou=div,o=fu"
> it resulted in the following output:
>
> dn: cn=Nokia,ou=div,o=fu
> dn: cn=jb,ou=div,o=fu
>
> I belive that i dont use Universal Password there are no password
> policy in the imanager.
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJK4bS/AAoJEF+XTK08PnB5eD0P/iVxZZTitGLfpLycUwrED4QA
5XJNljtKnn16SI9Aj53SFN4W+YwB2M6JlQGY51et+jmsbXVI+Z+3B8JWped6vvo0
SkjMkLVa6gXUNJMiKfuBCUxo15KflzLqBpxGMzeVVIXk8xBTAr/MTS8FdzyXNip6
LA27gW2GCKOc+dodT3YYSen9gh/n7mgvlLejm3moUVvgKwUXCWGvfJWRsUOGZxIN
aOVL97v+VpbuavOk6/LUIsUwLHlLcDckpUH8pwX8hG3xm/y9IJS5ye9qQd7bkVS6
pCm//rReGrhZYQRULhGoCa91K+9jX8fJkKmaYheezJIzbW6dd1zgiNtZF3yOwuT3
Y8B53J88fanQqB9wWSli0QC2yJ+ETk+oL2v+bOGfsXGe6ZU3pHa94cvgKlOxJ3+E
SFnurWPCUPkZU4Yfwc9vSA5QdNYvjzL2rQwRMelIOD2Aa2Dhz3p24hrekI/fG3F+
wdXA8m1RPllMuZaWH1IehmffBwgeK99Ew/oDiwJvodCr4KKVeXfSgA8w3RfKZ4xb
x9syNx+oJLzR7fSV+ZouG/WdGLYq5oVawao354wXl+B1R1aTJP+49dbb04Fj9By0
PE7ujlOSvHYcnRowSPH1rHqO53z4nxoA0Szlm4GomASa3swi2U3rYNWjMa4zMx2s
mtX8HAKRmop9z2/EAnec
=0O08
-----END PGP SIGNATURE-----
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.