[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: setting up admin password on openldap

Hi Piotr,

Here is my ldif file.

dn: cn=nsadmin
changetype: modify
userpassword: {SHA}R0f182La8UTJewHKUWIr2ltHPXc=
 and the command I used is:

[root@syru156 bin]# ./ldapmodify -x -v -f /main/backup/nsadmin.ldif
ldap_initialize( <DEFAULT> )
replace userpassword:
modifying entry "cn=nsadmin"
modify complete
ldap_modify: Strong(er) authentication required (8)
        additional info: modifications require authentication

and I cannot still connect bind to ldap through credentials. It says invalid credentials when I try to connect it through ldap browser.


On 10/30/07, Naufal Sheikh <naufalzamir@gmail.com> wrote:
yeah this is the main ldif file which I initilly imported. oh ok.... you want me to change the password of nsadmin by making an ldif file loike above, Yes the paswords were not in the hashed form in the modify operation. Ok I will try doing this, as soon as I get my database up.


On 10/30/07, Piotr Wadas < pwadas@jewish.org.pl> wrote:

> The passowrd is hashed in the ldif file which I am importing from the
> production system, as below:
> # id=00000003
> dn: uid=nsadmin,o=trac
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> cn: SuiteSpot Administrator
> sn: Administrator
> givenName: SuiteSpot
> uid: nsadmin
> creatorsName: cn=nsadmin
> createTimestamp: 19980218204619Z
> userPassword:: e1NIQX12bm4rOFpBNFNzdzJJMnlQOVZ2clBJVFlGRzg9
> modifiersName: uid=nsadmin,o=trac
> modifyTimestamp: 19980722182149Z
> structuralObjectClass: inetOrgPerson
> entryUUID: 8179b9a2-74d7-102a-9988-90f8caf384a9
> entryCSN: 20060511011623Z#000003#00#000000

This is not modify operation ldap file.
Modify operation ldif file should look like this:
(in example two values of userPassword will be added
to "cn=admin,dc=foo" object, and all old values of
userPassword attribute will be removed.

dn: cn=admin,dc=foo
changetype: modify
replace: userPassword
userPassword: {CRYPT}hashpasswordvaluehere
userPassword: {MD5}passwordhashedinotherway