[Freeipa-users] Any command can change the direcoty manager password
Rob Crittenden
rcritten at redhat.com
Mon Mar 17 14:03:47 UTC 2014
barrykfl at gmail.com wrote:
> hi:
>
> I accidently changed uid admin 's password ...and then change back orginal.
>
> BUT it seem that it also modify CN+directory manager also can now conflcit.s
>
> soem user cann not access using if cn= direcory manager.
>
> any idea ? i tried the follwig command it says ssl conenection already
> establsied and error.
>
>
> ~]# LDAPTLS_CACERT=/etc/ipa/ca.crt ldappasswd \
> -ZZ -D 'cn=directory manager' -W \
> -S uid=admin,cn=users,cn=accounts,dc=domain,dc=com
> New password:
I'm not sure I entirely follow you. From what I understand the admin
password was changed and you'd like to change it back but are having a
problem doing this using ldappasswd as Directory Manager?
/etc/openldap/ldap.conf may be pre-configured to use an ldaps URI which
explains the SSL already established part. It will also define
TLS_CACERT for you.
Try dropping the -ZZ, like this:
$ ldappasswd -D 'cn=directory manager' -W \
-S uid=admin,cn=users,cn=accounts,dc=domain,dc=com
rob
More information about the Freeipa-users
mailing list