[Freeipa-users] Recovering admin key
Rob Crittenden
rcritten at redhat.com
Tue May 4 14:00:02 UTC 2010
Andy Singleton wrote:
> Hello,
>
>
>
> This topic might have been covered before, so I hope im not rehashing
> old ground here.
>
>
>
> We have a multi-master ipa 1.2.2 installation. Its been running fine
> (give or take) for a while now.
>
>
>
> But, the “admin” account password has been reset to an unknown value.
>
> Normally we store our passwords in Password Safe, but this time it
> wasn’t done.
>
> So we have effectively locked ourselves out from the admin account.
>
>
>
> Is there a simple way to reset it?
% ldappasswd -Z -D "cn=directory manager" -W -S
uid=admin,cn=users,cn=accounts,dc=example,dc=com
You'll be prompted twice for the new password, then the password for
your directory manager (this is the LDAP password).
You may have to configure openLDAP to trust your CA. I just created
~/.ldaprc and set it to this:
TLS_CACERT /etc/ipa/ca.crt
rob
More information about the Freeipa-users
mailing list