[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: setting up admin password on openldap



Hi Piotr,

Here is my ldif file.

dn: cn=nsadmin
changetype: modify
userpassword: {SHA}R0f182La8UTJewHKUWIr2ltHPXc=
 and the command I used is:

[root@syru156 bin]# ./ldapmodify -x -v -f /main/backup/nsadmin.ldif
ldap_initialize( <DEFAULT> )
replace userpassword:
        {SHA}R0f182La8UTJewHKUWIr2ltHPXc=
modifying entry "cn=nsadmin"
modify complete
ldap_modify: Strong(er) authentication required (8)
        additional info: modifications require authentication

and I cannot still connect bind to ldap through credentials. It says invalid credentials when I try to connect it through ldap browser.


Regards




On 10/30/07, Naufal Sheikh <naufalzamir@gmail.com> wrote:
yeah this is the main ldif file which I initilly imported. oh ok.... you want me to change the password of nsadmin by making an ldif file loike above, Yes the paswords were not in the hashed form in the modify operation. Ok I will try doing this, as soon as I get my database up.

Regards

On 10/30/07, Piotr Wadas < pwadas@jewish.org.pl> wrote:


> The passowrd is hashed in the ldif file which I am importing from the
> production system, as below:
>
> # id=00000003
> dn: uid=nsadmin,o=trac
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> cn: SuiteSpot Administrator
> sn: Administrator
> givenName: SuiteSpot
> uid: nsadmin
> creatorsName: cn=nsadmin
> createTimestamp: 19980218204619Z
> userPassword:: e1NIQX12bm4rOFpBNFNzdzJJMnlQOVZ2clBJVFlGRzg9
> modifiersName: uid=nsadmin,o=trac
> modifyTimestamp: 19980722182149Z
> structuralObjectClass: inetOrgPerson
> entryUUID: 8179b9a2-74d7-102a-9988-90f8caf384a9
> entryCSN: 20060511011623Z#000003#00#000000
>

This is not modify operation ldap file.
Modify operation ldif file should look like this:
(in example two values of userPassword will be added
to "cn=admin,dc=foo" object, and all old values of
userPassword attribute will be removed.

dn: cn=admin,dc=foo
changetype: modify
replace: userPassword
userPassword: {CRYPT}hashpasswordvaluehere
userPassword: {MD5}passwordhashedinotherway

Regards,
Piotr