ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins. Read more for important details.
ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins.Read more for important details.

Password Information Tool

Password Information Tool

home page url: http://ldapwiki.willeke.com/wiki/DumpEdirectoryPasswordInformationTool
download url: http://ldapwiki.willeke.com/attach/DumpEdirectoryPasswordInformationTool/
DumpPasswordInformation.jar


The NDS Passwords infrastructure can be difficult to figure out. We needed a tool to debug various password policy and user entries regarding passwords.


The Dump Password Information Tool performs the following:




  • Dumps the user's Universal Password values

  • Dumps the information regarding the users Universal Password

  • Dumps the information regarding the users Simple Password

  • Dumps the information regarding the users NDS Password as it relates to the Universal Password



Updated


We made many enhancements including a GUI interface.

home page url:
http://ldapwiki.willeke.com/wiki/DumpEdirectoryPasswordInformationTool

Labels (1)

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Comments
Hi all

I created an easy batch to retrieve a users password, which i would like to share:

@echo off
TITLE Retrieve Password from user
rem **************************************************************************
rem * oktober 2008, Gerrit Doornenbal
rem * requirements: ldapsearch, grep, awk, java
rem **************************************************************************

cls
set ldapserver=172.16.1.10
set /p gebruiker="Van welke gebruiker wil je het password weten? "
set /p pwd="Geef je eigen wachtwoord: "
cls

rem first find administrator information from ldap server
%toolmap%\ldapsearch -h %ldapserver% "uid=%username%" > %temp%\temp.ldif
type %temp%\temp.ldif | z:\grep dn: | z:\awk "{print $2}" >%temp%\temp.txt
for /f "tokens=1 delims= " %%A IN ('type %temp%\temp.txt') DO SET dn=%%A
rem find user dn from ldap server
%toolmap%\ldapsearch -h %ldapserver% "uid=%gebruiker%" > %temp%\temp.ldif
type %temp%\temp.ldif | z:\grep dn: | z:\awk "{print $2}" >%temp%\temp.txt
for /f "tokens=1 delims= " %%A IN ('type %temp%\temp.txt') DO SET userdn=%%A

"C:\Program Files\Java\jre1.6.0_01\bin\java.exe" -jar DumpPasswordInformation.jar -dvAL -h %ldapserver% -z 3000 -D %dn% -w %pwd% -b %userdn%

rem cleanup mess...
del %temp%\temp.txt
del %temp%\temp.ldif
set pwd=
set dn=
set userdn=

It's a very neat tool! thanks!

Gerrit Doornenbal
Where can i find the requirements?
grep
awk
ldapsearch

Thanks in advance!

Bas Arendshorst
Are standard with most linux distros, although there are windows ports.

Best combined set is cygwin:

http://www.cygwin.com/

for native ports:

http://unxutils.sourceforge.net/

which contains everything but OpenLDAP. For the ldap tools, you need a windows build of that, which *was* downloadable from here:

http://www.ilex.fr/openldap.htm

but it appears to be MIA.

http://www.symas.net/ has a recent build, but it is behind a "register to get it" firewall; I have just signed up with a throwaway account, and it seems to work ok.
Requirements=Java 1.5 or better.

We have run this on Linux and on Windows. Runs from a workstation.
Hi

This is a wicked tool but can it handle custom object classes?

We have a custom object class on which we can set passwords on but I could not get it working too retrieve any information from this class.

Is it hard coded only to handle cn's or can we use it for any objects?

Thanking you in advance.

Kindest Regards

Ashley
Well, I was afraid someone would come up with this one.
Currently is is coded for (objectClass=inetorgperson)

The latest release does allow searching by an attributeName=AttibuteVlaue pair, but currently is still filtered by objectClass=inetorgperson.

I will work on this as an enhancement.
Thanks for the feedback.
-jim
Can we add a recommendation to this document stating that you should verify that the infrastructure is correctly configured in order to avoid unwanted access, including also a reference to the documentation provided by Novell: http://www.novell.com/documentation/password_management33/pwm_administration/data/an4bun5.html
Top Contributors
Version history
Revision #:
4 of 4
Last update:
‎2020-03-10 17:33
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.