Giving password reset access to non-root user, in LDAP
Hi,
We have two LDAP servers. Whenever we get a ticket to reset the password, we login to LDAP primary server and reset the password. For below example, I logged into primary LDAP server and resetting password to john to Welcome123#
We are giving this work to tier-1 team, so that they can reset these password themself. But I don't want them to have full access or if possible, not able to see the password of Manager, as it is shown in plain text here. It is achievable ?
If no, we can live with it. But don't want to have them root access. This command will run by root, so probably I can give sudo access to their team for "/export/home/ldap/OpenDS-2.2.1/bin/ldappasswordmodify" ?
Hey all,
I'm looking for a script to auto-generate a password for users that forget their password.
Currently, we are using a perl script (with cgi-bin) where users update their password, but would like to add to this and make it so that the users can also request a password reset and a... (1 Reply)
Hi all,
This is first time I met unix in my life. I purchased old Scanning Elecron Microscope which came with 486/33MHz PC running Unix System V, ver. 3.6. The one simple user name/passw is known so I can boot and login. But can not shutdown! It asks root or su passw. I'm very sensitive not to... (6 Replies)
Hi,
My root password for mysql has some problem as it dosent allow me to login....
all commands to reset it failed. so I removed mysql
yum remove mysql
and installed it by
yum install mysql mysql-devel mysql-server
and it installed fine
I gave chkconfig --levels 235 mysqld on... (1 Reply)
I'm fairly inexperienced with LDAP and DSEE so to build my skills I installed directory server in the global zone of my Sol 10/u7 machine and created a zone to use as a client. For some reason when I try to change a users password as root (in the client zone) with passwd -r ldap I am prompted for... (1 Reply)
Hi All,
I have created an RPM installer and installed it via ROOT user & which works fine on Red Hat.
But the problem oocurs when a non root users try to run that application (from their account), it never got executed (being it has the execute permission i.e. chmod a+x somefile.sh).
I want... (6 Replies)
How to change the ldap root password.
I have generated the password by using "slappasswd " command, but In my root machine "/etc/ldap/sldap.d" file is not there. instead of the file sldap.d directory only is there. please help me...? (0 Replies)
I need some help with Fedora. I am trying to reset the root password. When I tried to login I was not able to. I kept getting the authentication failure message. I got the password reset success message.
passwd: all authentication tokens updated successfully.
I then thought maybe the root... (6 Replies)
Hi All,
I just found one thread on this forum on this subject here:
Forgot MYSQL password root | Unix Linux Forums | Web Development
but unfortunately the issue was not resolved.
I have the same problem with the same error message.
The background is that I built a Solaris 11 x86 server... (11 Replies)
Hello Gurus,
I want One user to su to another without allowing root access and password.
I want to run a specific command as below from user am663:
---------------------------------------------------------
sudo -u appsprj4 /home/appsrj4/scripts/start_apache.sh
-------------------
But... (6 Replies)
Hi ,
I ve a question about the Linux system root password change.
Which can be done using grub menu without inputting the old password.:confused:
So If anybody can change the root password without any password and then how it is secure. Anybody can manipulate the other user using the... (6 Replies)
Discussion started by: pradyumnajpn10
6 Replies
LEARN ABOUT CENTOS
net::ldap::extra::ad
Net::LDAP::Extra::AD(3) User Contributed Perl Documentation Net::LDAP::Extra::AD(3)NAME
Net::LDAP::Extra::AD -- AD convenience methods
SYNOPSIS
use Net::LDAP::Extra qw(AD);
$ldap = Net::LDAP->new( ... );
...
if ($ldap->is_AD || $ldap->is_ADAM) {
$ldap->change_ADpassword($dn, $old_password, $new_password);
}
DESCRIPTION
Net::LDAP::Extra::AD tries to spare users the necessity to reinvent the wheel again and again in order to correctly encode password strings
so that they can be used in AD password change operations.
To do so, it provides the following methods:
METHODS
is_AD ( )
Tell if the LDAP server queried is an Active Directory Domain Controller.
As the check is done by querying the root DSE of the directory, it works without being bound to the directory.
is_ADAM ( )
Tell if the LDAP server queried is running AD LDS (Active Directory Lightweight Directory Services), previously known as ADAM (Active
Directoy Application Mode).
As the check is done by querying the root DSE of the directory, it works without being bound to the directory.
change_ADpassword ( DN, OLD_PASSWORD, NEW_PASSWORD )
Change the password of the account given by DN from its old value OLD_PASSWORD to the new value NEW_PASSWORD.
This method requires encrypted connections.
reset_ADpassword ( DN, NEW_PASSWORD, OPTIONS )
Reset the password of the account given by DN to the value given in NEW_PASSWORD. OPTIONS is a list of key/value pairs. The following
keys are recognized:
force_change
If TRUE, the affected user is required to change the password at next login.
For this method to work, the caller needs to be bound to AD with sufficient permissions, and the connection needs to be encrypted.
AUTHOR
Peter Marschall <peter@adpm.de<gt>
COPYRIGHT
Copyright (c) 2012 Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.
perl v5.16.3 2013-06-07 Net::LDAP::Extra::AD(3)