Cyrill,
Thanks for the suggestion. I'll go that route for now. I'd still like to figure out why I can't get ldappasswd to work though. It feels broken in my case. Perhaps it's an Ubuntu packaging issue of some kind. It worked fine in Ubuntu 10.
Best,
--Bruce
On Wed, Sep 10, 2014 at 11:00 PM, Gremaud Cyrill cyrill.gremaud@hefr.ch wrote:
Hello Bruce,
I’m not an OpenLDAP expert but personally, when I want to set a password, I generate a good one with slappasswd.
Using this tool, you will be prompted to enter a new password twice. The output of this tool will something like this : {SSHA}dsfjklihjfkajsdhfklasdjfasd
Copy this value (with {SSHA} ) and create an ldif file just to set your password. For example if I want to set this password for olcDatabase={0}config,cn=config and for a specific root DN
dn: olcDatabase={0}config,cn=config changetype: modify add: olcRootDN olcRootDN: cn=admin,cn=config
add: olcRootPW olcRootPW: {SSHA}dsfjklihjfkajsdhfklasdjfasd
If you have already a RootDN, you can use it or if you just want to change it, replace the keyword “add” by “replace”.
You can execute this ldif file using : ldapmodify -Y EXTERNAL -H ldapi:/// -f file.ldif
To try to connect with this new password, you can try this command:
ldapmodify -H ldap://yourserver.domain.cc -D “cn=admin,cn=config” -W
You will be prompted to enter your password.
Best Regards, cyrill gremaud
On 10 Sep 2014, at 19:49, Bruce Carleton bruce.carleton@dena.com wrote:
I'm having problems setting passwords with ldappasswd. It keeps failing with a usage message. I've tried a bunch of different arrangements of the command line arguments, but it keeps giving me a usage message. Here's an example:
ldappasswd -s some_password \ -x -H ldapi:/// \ -D cn=admin,dc=example,dc=com -y secret.txt \ uid=some.user,ou=people,dc=example,dc=com
During one of my attempts I followed the order specified in the man page. That didn't work either. I'm using the packaged (ldap-utils / 2.4.28-1.1ubuntu4.4) ldappasswd on Ubuntu 12.04.4 LTS. The specific ldappasswd version follows:
$ ldappasswd -VV ldappasswd: @(#) $OpenLDAP: ldappasswd (Sep 19 2013 22:39:03) $ buildd@panlong:/build/buildd/openldap-2.4.28/debian/build/clients/tools (LDAP library: OpenLDAP 20428)
I'm feeling kind of stuck on this. I'm probably missing something silly. Any suggestions?
Thanks,
--Bruce