Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Debian User (http://www.linux-archive.org/debian-user/)
-   -   changing rootdn password (http://www.linux-archive.org/debian-user/301634-changing-rootdn-password.html)

Mihamina Rakotomandimby 12-29-2009 06:00 AM

changing rootdn password
 
> Didar Hossain <didar.hossain@gmail.com> :
> > I would like to change that admin password without calling
> > 'dpkg-reconfigure slapd'.
> > Is there an ldap utility or built-in command for that purpose?
> Please, do not cross-post the same message to multiple mailing lists -
> instead use separate messages.

Ok, heard.

> Look for "rootpw" in slapd.conf

After dpkg confguring it, I only have a commented:
rootdn "cn=admin,dc=malagasy,dc=com"
but no "rootpw".
I am able to bind with the credential provided to the dpkg-reconfigure.

Where is it stored?

--
Architecte Informatique chez Blueline/Gulfsat:
Administration Systeme, Recherche & Developpement
+261 34 29 155 34 / +261 33 11 207 36


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Joe 12-29-2009 08:48 AM

changing rootdn password
 
Mihamina Rakotomandimby wrote:

Didar Hossain <didar.hossain@gmail.com> :

I would like to change that admin password without calling
'dpkg-reconfigure slapd'.
Is there an ldap utility or built-in command for that purpose?

Please, do not cross-post the same message to multiple mailing lists -
instead use separate messages.


Ok, heard.


Look for "rootpw" in slapd.conf


After dpkg confguring it, I only have a commented:
rootdn "cn=admin,dc=malagasy,dc=com"
but no "rootpw".
I am able to bind with the credential provided to the dpkg-reconfigure.

Where is it stored?



If not in slapd.conf, then it is in the database itself i.e. the admin
entry has a userPassword attribute. This is an alternative to placing
the [usually encrypted] admin password in slapd.conf.


You should be able to change it with an LDAP editor, if you are not
comfortable with working with the command line. Luma should be able to
do that, though I work with LDAP mostly with Windows, and use a Windows
LDAP editor.


--
Joe


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Zdenek Styblik 12-30-2009 02:55 PM

changing rootdn password
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mihamina Rakotomandimby wrote:
> Manao ahoana, Hello, Bonjour,
>
> On a Debian and a Ubuntu I install OpenLDAP with the package manager.
> It usually asks for an admin password.
>
> But when looking in /etc/ldap/ I found no place where it is stored
> (even in an encrypted form).
>
> I would like to change that admin password without calling
> 'dpkg-reconfigure slapd'.
>
> Is there an ldap utility or built-in command for that purpose?
>
> Misaotra, Thanks, Merci.
>

Hello,

try to look in /etc/openldap/ instead. But I know a little about Debian
and Google is not unified in results about location of - well, try %
find /etc/ -name slapd.conf; there :)
That's where rooddn password should be stored.
And how to change it?
Use % slappasswd; to generate HASH, then edit slapd.conf and look for:
rootpw {SSHA}SomeHASHofPassword

For the syntax - man pages. SSHA is strongly recommended, I'd say
especially for rootdn password.
I'm not sure if the restart of % slapd; is required.

I hope that helps.

Regards,
Zdenek

- --
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla@turnovfree.net
jabber: stybla@jabber.turnovfree.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAks7d/4ACgkQ8MreUbSH7imltgCeL5c7jcnDHPJN3KUw9nMWWqyJ
GNYAoMQwAjFYVvTyNiXrLscrSxTU0XEc
=/B9H
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Zdenek Styblik 12-30-2009 02:55 PM

changing rootdn password
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mihamina Rakotomandimby wrote:
> Manao ahoana, Hello, Bonjour,
>
> On a Debian and a Ubuntu I install OpenLDAP with the package manager.
> It usually asks for an admin password.
>
> But when looking in /etc/ldap/ I found no place where it is stored
> (even in an encrypted form).
>
> I would like to change that admin password without calling
> 'dpkg-reconfigure slapd'.
>
> Is there an ldap utility or built-in command for that purpose?
>
> Misaotra, Thanks, Merci.
>

Hello,

try to look in /etc/openldap/ instead. But I know a little about Debian
and Google is not unified in results about location of - well, try %
find /etc/ -name slapd.conf; there :)
That's where rooddn password should be stored.
And how to change it?
Use % slappasswd; to generate HASH, then edit slapd.conf and look for:
rootpw {SSHA}SomeHASHofPassword

For the syntax - man pages. SSHA is strongly recommended, I'd say
especially for rootdn password.
I'm not sure if the restart of % slapd; is required.

I hope that helps.

Regards,
Zdenek

- --
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla@turnovfree.net
jabber: stybla@jabber.turnovfree.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAks7d/4ACgkQ8MreUbSH7imltgCeL5c7jcnDHPJN3KUw9nMWWqyJ
GNYAoMQwAjFYVvTyNiXrLscrSxTU0XEc
=/B9H
-----END PGP SIGNATURE-----

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users


All times are GMT. The time now is 07:51 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.