[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How do I reset rootdn password?

On 2/5/12 6:58 PM, Jose Ildefonso Camargo Tolosa wrote:
Hi Howard!  I had the feeling you would reply to my post :)

On Sat, Feb 4, 2012 at 9:41 PM, Howard Chu<hyc@symas.com>  wrote:
Jose Ildefonso Camargo Tolosa wrote:

On Sat, Feb 4, 2012 at 1:56 AM, Daniel Savard<dsavard@cids.ca>    wrote:
I would like to know how to reset the rootpw in OpenLDAP 2.4?

Do I need to recreate over the entire configuration database and the
database itself or there is a trick?

Risking to be burned by the community, you could directly edit the
slapd.d files (this is NOT recommended, but you could risk doing it in
your case), this one in particular (shutdown slapd before doing this):

If you don't know what you're doing, keep your grubby hands out of there. If
you know what you're doing, you don't need us to tell you what to do.

You don't know what you're doing, neither does the OP.
Yes, I do know, and I have done that *several* times (without any
problem, this far).  I know it is a risky area, because you have
warned us several times, but I have not hit any issue yet...

you know, it would be really good if you give us a way of seriously
breaking the config by directly editing it (while keeping its format:
maximum line length, no comments, ...)  Last time you just used your
"author right" to ask us to keep away of it, but never actually gave a
reason for it... and experience have shown me that nothing wrong has
happen (this far) however, after your warning, I'm always careful
while doing so, including: shutdown the service and backing up the
directory before touching its files.
One very simple rational behind this choice is that, when running an LDAP server on a 24x7 production env (ie no service shutdown is allowed), with replication beetwen any servers, then simply modifying a file on a disk does not do the job.

But I think Howard already explained that once, or maybe more than once...

Emmanuel LÃcharny