Hi Ondřej,

changing the password with ldappasswd works as expected. I did a:
-------------
u1-verw@ldap02:~$ ldappasswd -x -D cn=u1-verw,ou=users,ou=verwaltung,dc=example,dc=net -S -W
New password:
Re-enter new password:
Enter LDAP Password:
-------------
When entering the "LDAP Password" I'm giving "password+token"; for the "New
password" I'm only giving the new password without any token.
After changing the password I can log in with the new password+token. But with "passwd" I
can't change the password if otp is used. Without otp, changing the password works with
"passwd" only.


On 25.04.25 at 14:53, Ondřej Kuzník wrote:
> On Thu, Apr 24, 2025 at 07:46:12PM +0200, Stefan Kania wrote:
>> Hello to all
>>
>> When I activate the otp-overlay I can log in with my userpassword and the 6
>> digit token. But how can I change the password with otp active?
>>
>> Without otp I do "passwd", then give the old password and then the new
>> password twice, and the password is changed.
>>
>> With otp I have to give the old password+6-digit. If I only give the
>> password the server complains immediately that the password is wrong. When
>> I'm giving the old password plus the 6-digit, the server accepts the
>> password. Then I can give the new password twice, but then I'm getting the
>> message:
>> Server-message: Old password not accepted.
>>
>> So how can a user change his password via commandline with otp active?
>
> Hi Stefan,
> there are 2 steps when running ldappasswd:
> - the bind (Old password+OTP) to authenticate the session (-w/-W)
> - the password modify against someone (presumably self) with "old
>   password" (-a/-t) and "new password" (-s/-T) provided
>
> Similar when other applications use this.
>
> AFAIK the old-password data shouldn't have the OTP appended to it,
> should just be the user's current password, but I haven't checked this
> myself.
>
> Regards,


--
Stefan Kania
Landweg 13
25693 St. Michaelisdonn

---------------------
There is no CLOUD, only other people's computers

Attachment: OpenPGP_0x52F6D4DD1BB68AB5.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature
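
The two steps named in the quoted reply, encoded as the LDAP requests they produce (RFC 4511 simple bind, RFC 3062 password modify); this is an added example, not code from the thread or from OpenLDAP. The password values are constructed, and sending oldPasswd without the token follows the reply's unverified suggestion.

```python
# Added example: the two LDAP requests behind one ldappasswd run.
PASSWD_MODIFY_OID = "1.3.6.1.4.1.4203.1.11.1"  # RFC 3062 extended operation
FIELDS = {0x80: "userIdentity", 0x81: "oldPasswd", 0x82: "newPasswd"}

def tlv(tag, value):
    """BER tag-length-value with a definite length (short or long form)."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + value

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the element starting at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:  # long form: low 7 bits give the number of length bytes
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def simple_bind(dn, credential):
    """Step 1 (-D with -w/-W): BindRequest [APPLICATION 0], version 3, simple auth."""
    return tlv(0x60, tlv(0x02, b"\x03") + tlv(0x04, dn.encode())
               + tlv(0x80, credential.encode()))

def passwd_modify_value(user_dn=None, old=None, new=None):
    """Step 2 (-a/-t old, -s/-T new): PasswdModifyRequestValue; every field is optional."""
    parts = ((0x80, user_dn), (0x81, old), (0x82, new))
    return tlv(0x30, b"".join(tlv(t, v.encode()) for t, v in parts if v is not None))

def decode_passwd_modify(value):
    """Name the fields present in a PasswdModifyRequestValue."""
    tag, body, _ = read_tlv(value, 0)
    if tag != 0x30:
        raise ValueError("expected a SEQUENCE")
    out, pos = {}, 0
    while pos < len(body):
        t, v, pos = read_tlv(body, pos)
        out[FIELDS[t]] = v.decode()
    return out

if __name__ == "__main__":
    dn = "cn=u1-verw,ou=users,ou=verwaltung,dc=example,dc=net"  # DN from the post
    password, token, new = "old-secret", "123456", "new-secret"  # constructed values
    print(simple_bind(dn, password + token).hex())  # bind credential: password+token
    # Assumption from the reply (unverified there): oldPasswd has no token appended.
    print(decode_passwd_modify(passwd_modify_value(old=password, new=new)))
```

The bind credential and the oldPasswd field travel in separate requests, so a client that reuses one prompt for both sends the token in a place the reply says it does not belong.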
