<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Herb Burnswell wrote:<br>
</div>
<blockquote
cite="mid:CAOuzmw4347QByDK=YJtsiDdadGHUFT9+ZQHWxjL_4bBHbvos1Q@mail.gmail.com"
type="cite">
<div dir="ltr">
<pre style="white-space:pre-wrap">Noriko,</pre>
<pre style="white-space:pre-wrap">
</pre>
<pre style="white-space:pre-wrap">I receive:</pre>
<pre style="white-space:pre-wrap">nsslapd_rootdn: cn=Administrators</pre>
</div>
</blockquote>
<font color="#000000"><span style="white-space:pre-wrap">Ok. Then,
did these work for you?<br>
<br>
$ ldapsearch -x -D "cn=Administrators" -w <pw> -s base -b
"" "objectclass=*"<br>
</span></font>
<pre style="white-space:pre-wrap">$ ldapmodify -x <font color="#000000"><span style="white-space:pre-wrap">-D "cn=Administrators" -w <pw> </span></font><< EOF
dn: cn=replication Manager,cn=config
changetype: modify
replace: userPassword
userPassword: <new_password>
EOF</pre>
<br>
<blockquote
cite="mid:CAOuzmw4347QByDK=YJtsiDdadGHUFT9+ZQHWxjL_4bBHbvos1Q@mail.gmail.com"
type="cite">
<div dir="ltr">
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Wed, Apr 2, 2014 at 4:02 PM, Herb
Burnswell <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:herbert.burnswell@gmail.com" target="_blank">herbert.burnswell@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<pre style="white-space:pre-wrap">Noriko,</pre>
<pre style="white-space:pre-wrap">Thank you for your response. It looks like there's an issue with directory manager privilege. When I attempt the command:</pre>
<pre><font color="#000000"><span style="white-space:pre-wrap">ldapsearch -x -D "cn=Directory Manager" -w <pw> -s base -b "" "objectclass=*"
</span></font></pre>
<pre><font color="#000000"><span style="white-space:pre-wrap">ldap_bind: No such object (32)
</span></font></pre>
<pre><font color="#000000"><span style="white-space:pre-wrap">
</span></font></pre>
<pre><font color="#000000"><span style="white-space:pre-wrap">How can I confirm directory manager user?</span></font></pre>
<pre style="white-space:pre-wrap">
</pre>
<pre style="white-space:pre-wrap">Thanks again for your help,</pre>
<pre style="white-space:pre-wrap">Herb</pre>
<pre style="white-space:pre-wrap">
</pre>
<pre style="white-space:pre-wrap">
</pre>
<pre style="white-space:pre-wrap">
</pre>
<pre style="white-space:pre-wrap">Hello,
This password is base64 encoded and folded at the ~80th column. (So,
please do not remove the last '=')
userPassword::
e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ==
If you decode it, it looks like this:
{SSHA}ticY7aq9EIThbdkdxXqlV7gKfxR1ZExBVwLNxA==
It is SSHA hashed.
I think you have a directory manager privilege. If so, you could reset
the password by ldapmodify command?
ldapmodify ... << EOF
dn: cn=replicationManager,cn=config
changetype: modify
replace: userPassword
userPassword: <new_password>
EOF
Herb Burnswell wrote:
><i> All,
</i><div><div class="h5">><i>
</i>><i> I am taking over a newly installed 389-ds environment:
</i>><i>
</i>><i> 389-admin-1.1.29-1.el6.x86_64
</i>><i> 389-admin-console-1.1.8-1.el6.noarch
</i>><i> 389-admin-console-doc-1.1.8-1.el6.noarch
</i>><i> 389-adminutil-1.1.15-1.el6.x86_64
</i>><i> 389-console-1.1.7-1.el6.noarch
</i>><i> 389-ds-1.2.2-1.el6.noarch
</i>><i> 389-ds-base-1.2.11.15-32.el6_5.x86_64
</i>><i> 389-ds-base-libs-1.2.11.15-32.el6_5.x86_64
</i>><i> 389-ds-console-1.2.6-1.el6.noarch
</i>><i> 389-ds-console-doc-1.2.6-1.el6.noarch
</i>><i> 389-dsgw-1.1.10-1.el6.x86_64
</i>><i>
</i>><i> I have two systems that I will use as Multiple Masters. The problem
</i>><i> is when creating a replication agreement on each side, replication
</i>><i> fails with:
</i>><i>
</i>><i> 49 LDAP error invalid credentials
</i>><i>
</i>><i> So, I need to reset the replication manager user password. When I
</i>><i> look at the dse.ldif file I see:
</i>><i>
</i>><i> dn: cn=replicationManager,cn=config
</i>><i> objectClass: inetorgperson
</i>><i> objectClass: person
</i>><i> objectClass: top
</i>><i> objectClass: organizationalPerson
</i>><i> cn: replicationManager
</i>><i> sn: RM
</i>><i> passwordExpirationTime: 20380119031407Z
</i>><i> nsIdleTimeout: 0
</i>><i> userPassword::
</i>><i> e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ=
</i>><i> =
</i>><i> creatorsName: cn=administrators
</i>><i> modifiersName: cn=administrators
</i>><i> createTimestamp: 20131025040123Z
</i>><i> modifyTimestamp: 20131025040123Z
</i>><i>
</i>><i>
</i>><i> This looks odd to me regarding the userPassword and it having an
</i>><i> 'extra line' after it. If I move the '=' sign back to the same above
</i>><i> line and bounce dirsrv it goes back to the above.
</i>><i>
</i>><i> In any event, how can I reset this password? Any assistance is
</i>><i> greatly appreciated.
</i>><i>
</i>><i> Thanks in advance,
</i>><i>
</i>><i> Herb</i></div></div></pre>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">--
389 users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a>
<a class="moz-txt-link-freetext" href="https://admin.fedoraproject.org/mailman/listinfo/389-users">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</blockquote>
<br>
</body>
</html>