[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Fwd: setting up admin password on openldap

for all the entries?.... Because the file is loading fine, and I can browse all the entries. Tell me onething, isn;t my scenario like simply that I have forgotten the ldap admin password and somehow or the other I need to reset it. I cannot use ldappasswd because it asks for the old password. So is there any way to do it.  I have already as you suggested tried generating the password using slappasswd and then pasting it in slapd.conf....... that still gives invalid credentials on bind.

On 10/30/07, Piotr Wadas <pwadas@jewish.org.pl > wrote:
> The ldiff I have genrated using slapcat on my new server in order to keep it
> as backup has the hashed entry of password in the entry of the
> administrator. ldap browser has the plain text password in the uid of the
> administrator.

If You use slapcat-based ldif, you should probably remove lines
of various system attributes from ldif file, especially like these:

> structuralObjectClass: .....
> creatorsName: cn=nsadmin
> createTimestamp: 19980218204619Z
> modifiersName: uid=nsadmin,o=trac
> modifyTimestamp: 19980722182149Z
> entryUUID: 8179b9a2-74d7-102a-9988-90f8caf384a9
> entryCSN: 20060511011623Z#000003#00#000000

These attributes are read-only, and automatically added by server,
they can appear in slapcat-result file to be loaded with slapadd command,
with the all objects tree, but you cannot add object with ldapadd,
with ldif containing these attributes (I don't remember whether
ldapadd simply ignores it, or returns ldap error).