[Kroupware] How to change the manager password?

Wim Bakker w.a.bakker at planet.nl
Thu Jul 10 23:40:07 CEST 2003


On Thursday 10 July 2003 21:26, Dieter Kluenter wrote:
>
> I'm sorry, I didn't read the subject of this thread properly. If you
> only want to change the password of rootdn, just edit
> /kolab/etc/kolab/kolab.conf
>
> The ldapclients can only be used the manipulate entries, but rootdn
> has no userPassword attribute, but only a rootpw entry in slapd.conf.
>
> -Dieter

That's where the problem started, I have a password choosen
at install that the kolab script "workaround.sh" doesn't like
and does return a syntax error ( password : Reva*))! ) like this:
--
sh: -c: line 1: syntax error near unexpected token `)'
sh: -c: line 1: `/kolab/etc/kolab/workaround.sh user.public Reva*))! | sed -
e /localhost/d'
---
 I then changed the password in kolab.conf to alphanumerical characters only
but that gives me the following error and the password is not changed
(at least I can't login with it in the webinterface, only still with the old):

--
Can't call method "attributes" on an undefined value at /kolab/etc/kolab/kolab 
line 302, <DATA> line 283.
--
So it seems changing the password in kolab.conf is no option anymore.
Now I tried your solution:
/kolab/bin/ldappasswd -x -D "cn=manager,dc=koolraap,dc=unetix,dc=nl" -W -A \n 
"cn=manager,dc=koolraap,dc=unetix,dc=nl"
Old password: <entered old password>
Re-enter old password: <entered old password>
Enter LDAP Password: <entered new password>
ldap_bind: Invalid credentials (49)

So worked partly, I misunderstood the ldappasswd manpage:
ldappasswd    [-A]    [-a oldPasswd]    [-t oldpasswdfile]
       [-D binddn]  [-d debuglevel]  [-H ldapuri]   [-h ldaphost]
       [-n]  [-p ldapport] [-S] [-s newPasswd] [-T newpasswdfile]
       [-v] [-W] [-w passwd] [-y passwdfile] [-O security-proper-
       ties]    [-I]    [-Q]   [-U authcid]   [-R authcid]   [-x]
       [-X authzid] [-R realm] [-Y mech] [-Z[Z]] [user]
thought user only needed to be the username , manager , but
needs to be full dn. As ldap is compiled without sasl support , I didn't
think the -x was necessary.
So when I do :
/kolab/bin/ldappasswd -W -A "cn=manager,dc=koolraap,dc=unetix,dc=nl"
I get the same result:
Old password: <entered old password>
Re-enter old password: <entered old password>
Enter LDAP Password: <entered new password>
ldap_bind: Invalid credentials (49)

slapcat gives me the following for the manager:
--------
dn: cn=manager,dc=koolraap,dc=unetix,dc=nl
cn: manager
sn: n/a
uid: manager
userPassword:: TE9naSopKSE=
objectClass: top
objectClass: inetOrgPerson
structuralObjectClass: inetOrgPerson
entryUUID: 5d1c13c0-44b0-1027-9bea-ba5150bdad15
creatorsName: cn=manager,dc=koolraap,dc=unetix,dc=nl
createTimestamp: 20030707102023Z
entryCSN: 2003070710:20:23Z#0x0005#0#0000
modifiersName: cn=manager,dc=koolraap,dc=unetix,dc=nl
modifyTimestamp: 20030707102023Z
----
 Now that is a completely different password, so I suppose
it is stored encrypted in the ldap database, how do I create
such an encrypted password for use with ldapadd ?
Can I make a temporary user with the password I want
to use for the manager , copy it's password entry  to the password
field in the .ldif file for the manager entry , remove
the manager entry first with slapdelete , and than add the new 
entry with the new password  with slapadd , and then remove the temporary 
user? Or would that not work.

TIA

Wim Bakker


More information about the Kroupware mailing list