SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

sunldappasswordreset

Change Passwords Users in SUN LDAP Server

For the convenience of client support a script has been created to easily change the password of users. Simply follow these steps to change the password of an user:

  1. Log on to solarisbox as clsupport
  2. The change password script is automatically started
  3. Fill in the username of the user you need to change the password for
  4. The new password is shown, email the user the new password.
Note: Never tell the user the password, always email it to prevent “social password hacking”

Change the Password Multiple Times a Day

Because of the password policy it's not allowed to change the password to a password that has been used before. Which means, with the script you can't reset the password twice on one day. The solution is to contact a Sysadmin who can

  1. Kick the script with the new password as commandline option
    1. root@solarisbox:# /home/clsupport/bin/chpasswd TESTww11
Note that the script has to be run as root or might get error messages regarding access of the .prd file (where the password is located for the simple bind).

The Script

#!/usr/bin/bash
# Generate a password
 
if [ "$1" ]
then
        NPWD="$1"
else
        NPWD=$(date +%a%d%h)
fi
 
clear
 
cd bin
 
tput bold
tput smul
echo "<company> Client Support Change User Password"
tput rmul
tput rmso
echo
echo -n "Username: "
read USERNAME
FULLNAME=$(getent passwd $USERNAME | cut -d: -f5)
 
if [ ! "$FULLNAME" ]
then
        echo "User \"$USERNAME\" unknown"
        exit
else
        echo "dn: uid=$USERNAME,ou=people,dc=prd,dc=domain" >/tmp/newpwd.ldif
        echo "changetype: modify" >>/tmp/newpwd.ldif
        echo "replace: userPassword" >>/tmp/newpwd.ldif
        echo "userPassword: $NPWD" >>/tmp/newpwd.ldif
        echo "Changing password for \"$FULLNAME\""
        echo
        ldapmodify -h ldaphgost02 -f /tmp/newpwd.ldif -D "cn=Directory Manager" -j .pwd >/dev/null
        rm /tmp/newpwd.ldif
fi
 
echo
echo "Password is reset to $NPWD"
echo "Finished, press <Enter> to exit"
echo
read dummy
exit
You could leave a comment if you were logged in.
sunldappasswordreset.txt · Last modified: 2021/09/23 22:25 (external edit)