Reset cn=Directory Manager password

From Brandonhutchinson.com

(Difference between revisions)
Jump to: navigation, search
(New page: I used the following procedure to reset the '''cn=Directory Manager''' password on a Sun DSEE 6.3 LDAP server. I did not know the existing '''cn=Directory''' Manager password. In this exa...)
Line 9: Line 9:
$ '''/opt/SUNWdsee/ds6/bin/pwdhash
$ '''/opt/SUNWdsee/ds6/bin/pwdhash
usage: /opt/SUNWdsee/ds6/bin/pwdhash -D instance-dir [-H] [-s scheme | -c comparepwd ] password...
usage: /opt/SUNWdsee/ds6/bin/pwdhash -D instance-dir [-H] [-s scheme | -c comparepwd ] password...
-
$ '''/opt/SUNWdsee/ds6/bin/pwdhash -D /var/ds -s SSHA password'''
+
$ '''/opt/SUNWdsee/ds6/bin/pwdhash -D /var/ds -s SSHA ''password'''''
{SSHA}sdhtz2s3JqaETqrkRxhWvrPTNCbec4o7y1o3OA==
{SSHA}sdhtz2s3JqaETqrkRxhWvrPTNCbec4o7y1o3OA==

Revision as of 16:26, 3 June 2008

I used the following procedure to reset the cn=Directory Manager password on a Sun DSEE 6.3 LDAP server. I did not know the existing cn=Directory Manager password.

In this example, Sun DSEE 6.3 is installed in /opt/SUNWdsee with a directory server instance in /var/ds.

  • Stop the directory server instance. (I don't know if the password can be changed to a running directory server.)
# dsadm stop /var/ds
  • Generate the SSHA password hash. Sun DSEE 6.3 does not include/create getpwenc, a shell script front-end to pwdhash, but it does include the pwdhash utility needed to generate SSHA hashes.
$ /opt/SUNWdsee/ds6/bin/pwdhash
usage: /opt/SUNWdsee/ds6/bin/pwdhash -D instance-dir [-H] [-s scheme | -c comparepwd ] password...
$ /opt/SUNWdsee/ds6/bin/pwdhash -D /var/ds -s SSHA password
{SSHA}sdhtz2s3JqaETqrkRxhWvrPTNCbec4o7y1o3OA==
  • Change the nsslapd-rootpw line in config/dse.ldif to use the SSHA hash generated above.
# vi /var/ds/config/dse.ldif
  • Start the directory server instance.
# dsadm start /var/ds
Personal tools