We tried using the ldappasswd command (sanitized below). Before even putting it on the web server, which is a Linux box, we tested it on the OD host with the invocation below (sanitized to remove site info.)
ldappasswd -A -D uid=testuser,cn=users,dc=organization,dc=com -H ldap://organization.com -S -W -x
We were then prompted for 5 things.
1 Old password:
2 Re-enter old password:
3 New password:
4 Re-enter new password:
5 Enter LDAP Password:
If I enter the wrong value for 5 it reports ldap_bind: Invalid credentials (49). If I enter non-matching values for 2 and 3 or 4 and 5 this is caught.
If I enter the correct values, it returns, Result: Success (0). If I enter the wrong values for 2 and 3 it still reports Result: Success (0).
Unfortunately the password did not actually change. If I try to su with the new password, this happens.
su testuser
Password:
su: Sorry
If I take off the -S flag to have it automatically set a password, I see this
ldappasswd -A -D uid=testuser,cn=users,dc=organization,dc=com -H ldap://organization.com -W -x
Old password:
Re-enter old password:
Enter LDAP Password:
New password: ga7uXbUN
Result: Success (0)
Again, the password did not actually change. Can anyone suggest why this is failing? Using -v reveals no useful information.
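
An added example, not part of the original post: a check that asks the directory which password it accepts for the user's DN, which separates "the change was never stored" from "su is not checking the directory". It assumes OpenLDAP's ldapwhoami is installed alongside ldappasswd; the function names, the LDAPWHOAMI override and the two password files are hypothetical.

```shell
#!/bin/sh
# Added example: after ldappasswd reports "Result: Success (0)", ask the
# directory itself which password it accepts for the user's DN.
# LDAPWHOAMI is a hypothetical override so the check can be stubbed offline.
: "${LDAPWHOAMI:=ldapwhoami}"

# try_bind URI DN PASSWORD_FILE
# Simple bind (-x, as in the post) as DN; -y reads the whole file as the
# password, so the file must not end in a newline. Over plain ldap:// the
# bind is unencrypted; add -ZZ (StartTLS) where the server supports it.
try_bind() {
    "$LDAPWHOAMI" -x -H "$1" -D "$2" -y "$3" >/dev/null 2>&1
}

# which_password_works URI DN OLD_PASSWORD_FILE NEW_PASSWORD_FILE
# Prints one of: old, new, both, neither.
which_password_works() {
    old_ok=no
    new_ok=no
    try_bind "$1" "$2" "$3" && old_ok=yes
    try_bind "$1" "$2" "$4" && new_ok=yes
    case "$old_ok$new_ok" in
        yesno)  echo old ;;      # directory still holds the old password
        noyes)  echo new ;;      # directory stored the change; check the su login path
        yesyes) echo both ;;     # both files bind, e.g. they hold the same value
        *)      echo neither ;;  # bind fails either way: DN, account state or server
    esac
}

# Stand-alone use (script name is hypothetical):
#   sh check_bind.sh ldap://organization.com \
#      uid=testuser,cn=users,dc=organization,dc=com old.txt new.txt
if [ "$#" -eq 4 ]; then
    which_password_works "$@"
fi
```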