Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Giving password reset access to non-root user, in LDAP
Top Forums UNIX for Beginners Questions & Answers Giving password reset access to non-root user, in LDAP Post 303039411 by ron323232 on Thursday 3rd of October 2019 04:15:20 PM
Old 10-03-2019
Giving password reset access to non-root user, in LDAP
Hi,

We have two LDAP servers. Whenever we get a ticket to reset the password, we login to LDAP primary server and reset the password. For below example, I logged into primary LDAP server and resetting password to john to Welcome123#
We are giving this work to tier-1 team, so that they can reset these password themself. But I don't want them to have full access or if possible, not able to see the password of Manager, as it is shown in plain text here. It is achievable ?
If no, we can live with it. But don't want to have them root access. This command will run by root, so probably I can give sudo access to their team for "/export/home/ldap/OpenDS-2.2.1/bin/ldappasswordmodify" ?

Code:
[root@ldap-serv1 ~]# /export/home/ldap/OpenDS-2.2.1/bin/ldappasswordmodify -h localhost -p 1636 -Z -X -a 'uid=john,ou=People,dc=abc,dc=com' -n Welcome123# -D 'cn=Manager' -w hdfrevfd87663FreY
The LDAP password modify operation was successful
[root@ldap-serv1 ~]#

Thanks
 

10 More Discussions You Might Find Interesting

1. Solaris

LDAP user password reset script

Hey all, I'm looking for a script to auto-generate a password for users that forget their password. Currently, we are using a perl script (with cgi-bin) where users update their password, but would like to add to this and make it so that the users can also request a password reset and a... (1 Reply)
Discussion started by: em23
1 Replies

2. Cybersecurity

How to reset root password of old Unix System V

Hi all, This is first time I met unix in my life. I purchased old Scanning Elecron Microscope which came with 486/33MHz PC running Unix System V, ver. 3.6. The one simple user name/passw is known so I can boot and login. But can not shutdown! It asks root or su passw. I'm very sensitive not to... (6 Replies)
Discussion started by: 82026
6 Replies

3. UNIX for Advanced & Expert Users

Not able to reset mysql root password

Hi, My root password for mysql has some problem as it dosent allow me to login.... all commands to reset it failed. so I removed mysql yum remove mysql and installed it by yum install mysql mysql-devel mysql-server and it installed fine I gave chkconfig --levels 235 mysqld on... (1 Reply)
Discussion started by: viji19812001
1 Replies

4. Solaris

changing user password as root on LDAP client SOl10/u7

I'm fairly inexperienced with LDAP and DSEE so to build my skills I installed directory server in the global zone of my Sol 10/u7 machine and created a zone to use as a client. For some reason when I try to change a users password as root (in the client zone) with passwd -r ldap I am prompted for... (1 Reply)
Discussion started by: ilikecows
1 Replies

5. Red Hat

Giving access to non root users to run application

Hi All, I have created an RPM installer and installed it via ROOT user & which works fine on Red Hat. But the problem oocurs when a non root users try to run that application (from their account), it never got executed (being it has the execute permission i.e. chmod a+x somefile.sh). I want... (6 Replies)
Discussion started by: jw_amp
6 Replies

6. UNIX for Advanced & Expert Users

How to reset the ldap root password?

How to change the ldap root password. I have generated the password by using "slappasswd " command, but In my root machine "/etc/ldap/sldap.d" file is not there. instead of the file sldap.d directory only is there. please help me...? (0 Replies)
Discussion started by: ungalnanban
0 Replies

7. Red Hat

Fedora reset root password

I need some help with Fedora. I am trying to reset the root password. When I tried to login I was not able to. I kept getting the authentication failure message. I got the password reset success message. passwd: all authentication tokens updated successfully. I then thought maybe the root... (6 Replies)
Discussion started by: cokedude
6 Replies

8. Solaris

How to reset forgotten mysql root password?

Hi All, I just found one thread on this forum on this subject here: Forgot MYSQL password root | Unix Linux Forums | Web Development but unfortunately the issue was not resolved. I have the same problem with the same error message. The background is that I built a Solaris 11 x86 server... (11 Replies)
Discussion started by: hicksd8
11 Replies

9. UNIX for Advanced & Expert Users

One user to su to another without allowing root access and password

Hello Gurus, I want One user to su to another without allowing root access and password. I want to run a specific command as below from user am663: --------------------------------------------------------- sudo -u appsprj4 /home/appsrj4/scripts/start_apache.sh ------------------- But... (6 Replies)
Discussion started by: pokhraj_d
6 Replies

10. UNIX for Beginners Questions & Answers

Linux root Password Reset

Hi , I ve a question about the Linux system root password change. Which can be done using grub menu without inputting the old password.:confused: So If anybody can change the root password without any password and then how it is secure. Anybody can manipulate the other user using the... (6 Replies)
Discussion started by: pradyumnajpn10
6 Replies

LEARN ABOUT HPUX

chkey

chkey(1)						      General Commands Manual							  chkey(1)

NAME

       chkey - change user's secure RPC key pair

SYNOPSIS

       [ ] [

DESCRIPTION

       is used to change a user's secure RPC public key and secret key pair.  prompts for the old secure-rpc password and verifies that it is cor-
       rect by decrypting the secret key.

       If the user has not already used to decrypt and store the secret key with registers the secret key with the local daemon.  If  the  secure-
       rpc  password  does  not  match	the  login password, prompts for the login password.  uses the login password to encrypt the user's secret
       Diffie-Hellman (192 bit) cryptographic key.

       ensures that the login password and the secure-rpc password are kept the same.

       The key pair can be stored in the file (see publickey(4)), the NIS map, or entries in the LDAP directory.  If a new secret  key	is  gener-
       ated, it will be registered with the local daemon.

       If  the	source	of  the  is  not  specified  with  the	option, consults the entry in the name service switch configuration file (see nss-
       witch.conf(4)).	If the entry specifies one and only one source, then will change the key in the specified name service.  However, if  mul-
       tiple name services are listed, cannot decide which source to update and will display an error message.	The user should specify the source
       explicitly with the option.

       Non root users are not allowed to change their key pair in the file.

   Options
       Re-encrypt the existing secret key with the user's
		   login password.

       Update the  NIS database.

       Update the  database.

       Update the  LDAP database.

WARNINGS

       HP-UX 11i Version 2 is the last HP-UX release on which NIS+ is supported.  LDAP is the recommended replacement for NIS+.  HP fully supports
       the industry standard naming services based on LDAP.

AUTHOR

       was developed by Sun Microsystems, Inc.

FILES

SEE ALSO

       keylogin(1), keylogout(1), keyserv(1M), newkey(1M), nsswitch.conf(4), publickey(4).

																	  chkey(1)
All times are GMT -4. The time now is 05:43 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy