More fun with LDAP

[Piero Calucci]

On Thu, 2004-05-13 at 09:46, Dan wrote:
> I dont think passwd has any ldap capabilities, so attempting to lock an
> account stored in LDAP using passwd(1) wont work.

I can confirm this. I use a small script that retrieves the value of the
encrypted password via ldapsearch and put it back with a ! via
ldapmodify

ldapmodify -x -Z -h $ldaphost -D $rootdn -w $rootpw <<-EOF
dn: $dn
changetype: modify
replace: userPassword
userPassword: !$password
-

EOF

-- 
pc