Am 10.03.23 um 20:36 schrieb Quanah Gibson-Mount:
--On Friday, March 10, 2023 7:37 PM +0100 Stefan Kania <ste...@kania-online.de> wrote:Am 10.03.23 um 19:24 schrieb Quanah Gibson-Mount:Ok. I still don't know what 'changing the password via LDIF' means though.Generate a password with for example slappasswd or argon2 and replace the attribute userPassword via a ldif-filesI think you mean, you're generating a hash for a password with slappasswd in either SSHA or ARGON2 format, and then updating an entry using LDIF files in some way (ldapmodify -f?).Please provide an example LDIF file of such a change, using a stupid password for the hash (i.e., secret)Regards, Quanah
For a rootdn
-------------------
dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW:
{ARGON2}$argon2i$v=19$m=4096,t=3,p=1$ZGJmZ2lrbmpiZHZzZ3NhdmRzZw$J6eXYSxY4tDs4l8SdBkIwcAU0OqEEdR0gpFNJ5MSqQs
------------------- and a posix or simpleSecurityObject: ------------------- dn: uid=repl-user,ou=users,dc=example,dc=net changetype: modify replace: userPassworduserPassword: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$c2FsdHNsYXQ5ODc2NTQzMg$Td51W49s0X74om++/EnMRsP4La3x46KufcGGY01T8+M
-------------------To reset several userpasswords I can use a script to reset passwords for many users.
OpenPGP_0xD8938670D0070D36.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
