07-15-2014
How to make ldappasswd use {SHA} instead of {SSHA} for users passwords in openldap?
Is it possible to use {SHA} with ldappasswd? I didn't find responsible option in manual page and doc
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I am the administrator for a large network of HP/UX servers, about 100, this will be growing to over 200 in the next 18 months, part of my duties are to change the root passwords on these machines once month... which is a pain. I have written a script that will generate random passwords for me and... (3 Replies)
Discussion started by: PJolliffe
3 Replies
2. UNIX for Dummies Questions & Answers
hi, to do a su - user, we need to know what are the users...
so in unix
1) which file to see the list of users, passwords? (2 Replies)
Discussion started by: yls177
2 Replies
3. Solaris
Hello to everyone,
We are trying to enable ldap authentication with pam_ldap and md5 passwords on a Solaris 10 system to an openldap server. If passwords are stored using crypt, everything works correctly. But if the password in openldap is in md5, then authentication fails.
We have installed... (0 Replies)
Discussion started by: jfotop
0 Replies
4. Solaris
Hi All,
How to restrict the NIS users not to change their passwords in for NIS users??
and my NIS user is unable to login to at client location what could be the problem for this ?
Any body can help me. Thanks in advance. (1 Reply)
Discussion started by: Sharath Kumar
1 Replies
5. UNIX for Advanced & Expert Users
Hello,
I have an AIX 5.3 system. I want to check users to see whether there are users with blank passwords but i would prefer to do that without checking /etc/passwd or /etc/security/passwd files.
Also while i was searching the web for a solution i noticed that many people refer to /etc/shadow... (2 Replies)
Discussion started by: omonoiatis9
2 Replies
6. UNIX for Dummies Questions & Answers
Hi all,
where (path) usually the programs are installed in linux.
How to make installed programs available to all users of the system ?
Thanks in advance! (4 Replies)
Discussion started by: lramsb4u
4 Replies
7. UNIX for Advanced & Expert Users
I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies
8. Shell Programming and Scripting
hi,
i am new to shell scripts
i write a shell script to create multiple users but i need to give passwords to that users while creating users, command to write this script (1 Reply)
Discussion started by: DONFOX
1 Replies
9. Red Hat
Hi,
I have problem with a script, it was working for 6 month and suddenly I started getting strange expire times
example:
# chage -l wXXp
Last password change : Oct 28, 2014
Password expires : Nov 27, 2014
Password... (3 Replies)
Discussion started by: redmansas
3 Replies
LEARN ABOUT REDHAT
ldappasswd
LDAPPASSWD(1) General Commands Manual LDAPPASSWD(1)
NAME
ldappasswd - change the password of an LDAP entry
SYNOPSIS
ldappasswd [-A] [-a oldPasswd] [-D binddn] [-d debuglevel] [-H ldapuri] [-h ldaphost] [-n] [-p ldapport] [-S] [-s newPasswd] [-v] [-W]
[-w passwd] [-O security-properties] [-I] [-Q] [-U authcid] [-x] [-X authzid] [-Y mech] [-Z[Z]] [user]
DESCRIPTION
ldappasswd is a tool to set the password of an LDAP user. ldappasswd uses the LDAPv3 Password Modify (RFC 3062) extended operation.
ldappasswd sets the password of associated with the user [or an optionally specified user]. If the new password is not specified on the
command line and the user doesn't enable prompting, the server will be asked to generate a password for the user.
ldappasswd is neither designed nor intended to be a replacement for passwd(1) and should not be installed as such.
OPTIONS
-A Prompt for old password. This is used instead of specifying the password on the command line.
-a oldPasswd
Set the old password to oldPasswd.
-x Use simple authentication instead of SASL.
-D binddn
Use the Distinguished Name binddn to bind to the LDAP directory.
-d debuglevel
Set the LDAP debugging level to debuglevel. ldappasswd must be compiled with LDAP_DEBUG defined for this option to have any effect.
-H ldapuri
Specify URI(s) referring to the ldap server(s).
-h ldaphost
Specify an alternate host on which the ldap server is running. Deprecated in favor of -H.
-p ldapport
Specify an alternate TCP port where the ldap server is listening. Deprecated in favor of -H.
-n Do not set password. (Can be useful when used in conjunction with -v or -d)
-S Prompt for new password. This is used instead of specifying the password on the command line.
-s newPasswd
Set the new password to newPasswd.
-v Increase the verbosity of output. Can be specified multiple times.
-W Prompt for bind password. This is used instead of specifying the password on the command line.
-w passwd
Use passwd as the password to bind with.
-O security-properties
Specify SASL security properties.
-I Enable SASL Interactive mode. Always prompt. Default is to prompt only as needed.
-Q Enable SASL Quiet mode. Never prompt.
-U authcid
Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used.
-X authzid
Specify the requested authorization ID for SASL bind. authzid must be one of the following formats: dn:<distinguishedname> or
u:<username>.
-Y mech
Specify the SASL mechanism to be used for authentication. If it's not specified, the program will choose the best mechanism the
server knows.
-Z[Z] Issue StartTLS (Transport Layer Security) extended operation. If you use -ZZ, the command will require the operation to be success-
ful
SEE ALSO
ldap_sasl_bind(3) ldap_extended_operation(3) ldap_start_tls_s(3)
AUTHOR
The OpenLDAP Project <http://www.openldap.org/>
ACKNOWLEDGEMENTS
OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). OpenLDAP is derived from University of Michigan
LDAP 3.3 Release.
OpenLDAP 2.0.27-Release 20 August 2001 LDAPPASSWD(1)