Re: How do I reset rootdn password?



Jose Ildefonso Camargo Tolosa wrote:
> Hi,
>
> On Sat, Feb 4, 2012 at 1:56 AM, Daniel Savard <dsavard@cids.ca> wrote:
>> I would like to know how to reset the rootpw in OpenLDAP 2.4?
>>
>> Do I need to recreate over the entire configuration database and the
>> database itself or there is a trick?
>
> Risking to be burned by the community, you could directly edit the
> slapd.d files (this is NOT recommended, but you could risk doing it in
> your case), this one in particular (shutdown slapd before doing this):

If you don't know what you're doing, keep your grubby hands out of there. If you know what you're doing, you don't need us to tell you what to do.

You don't know what you're doing, neither does the OP.

> /etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif
>
> And change that line:
>
> olcRootPW:: e1NTSEF9b085TTcyaUNnK2lKUVp1d2s3SENvZHpEOHFBS2c5VCs=
>
> Note this is base64 encoded, so, will need to generate it with
> slappasswd and then encode it to base64, there are some online
> encoders you could use.

The first thing I would have done would be slapcat -n0 to see what all of the existing rootpw's were. They would all be base64 encoded; decode them to see if any of them are plaintext. If so, then the problem is already solved - you have the password.

> Also, I believe there are olcRootPW per-database (I don't remember
> seeing that on slapd.conf kind of configs, but I just saw it on the
> slapd.d right now):

Don't guess. RTFM. It's all stated there clearly.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
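
Added example, not part of the original message or of OpenLDAP: a small audit of `slapcat -n0` output that performs the check described above, decoding each base64 `olcRootPW` value and reporting whether it carries a hash scheme prefix or is stored in cleartext. The function names and the second database entry are constructed for illustration; handling a single-colon (non-base64) value goes slightly beyond what the thread mentions.

```python
import base64
import re

# Constructed sample of `slapcat -n0` output. The first olcRootPW value is the
# one quoted in the thread (folded here as LDIF allows); the second entry and
# its value are made up for this example.
SAMPLE_LDIF = """\
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootPW:: e1NTSEF9b085TTcyaUNnK2lKUVp1d2s3SENvZHpEOHFBS
 2c5VCs=

dn: olcDatabase={1}hdb,cn=config
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcRootPW:: c2VjcmV0
"""

# A stored hash starts with a scheme tag such as {SSHA} or {CRYPT}.
SCHEME = re.compile(rb"^\{([A-Za-z0-9_./-]+)\}")

def unfold(ldif):
    """Undo LDIF folding: a line starting with one space continues the previous one."""
    return re.sub(r"\r?\n ", "", ldif)

def audit_rootpw(ldif):
    """Return (dn, scheme) per olcRootPW; scheme is None when the value is cleartext."""
    findings, dn = [], None
    for line in unfold(ldif).splitlines():
        lower = line.lower()
        if lower.startswith("dn:"):
            dn = line.split(":", 1)[1].strip()
        elif lower.startswith("olcrootpw:"):
            rest = line[len("olcrootpw:"):]
            if rest.startswith(":"):              # "::" marks a base64 value
                value = base64.b64decode(rest[1:].strip())
            else:                                 # plain LDIF value
                value = rest.strip().encode()
            m = SCHEME.match(value)
            scheme = m.group(1).decode() if m else None
            if scheme and scheme.upper() == "CLEARTEXT":
                scheme = None                     # {CLEARTEXT} is not a hash
            findings.append((dn, scheme))
    return findings

if __name__ == "__main__":
    for dn, scheme in audit_rootpw(SAMPLE_LDIF):
        # Report the scheme only; never echo the decoded secret itself.
        print(f"{dn}: {'hashed (' + scheme + ')' if scheme else 'CLEARTEXT'}")
```

Any entry reported as CLEARTEXT is readable by anyone who can read the config database or its backups, so it should be replaced with a `slappasswd`-generated hash.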