[ak]

Thanks for the response! Alas, it’s not the answer I was hoping for.

Are you aware of any other mechanism — other than an SSH tunnel — which can be used to issue a remote command (after appropriate authentication) which can reset a password? I’m thinking in terms of (shudder) ActiveDirectory, which allows a password change via LDAPS.

Again, thanks for the reply.

[ak]

I have a question closely related to this older thread: is it possible to change a user’s password from a remote machine that is not running OS X, using just an LDAP modify request?

Our organization has a web interface that is used to change or reset passwords. The passwords are reset on an OpenDirectory server and an ActiveDirectory server — the two need to stay in sync.

Currently, I’m having a script SSH into the OpenDirectory server and execute an expect script that calls ‘passwd’ for the specified user. This is slow and kludgey. I don’t want to depend on SSH for this.

I’d really like to be able to use -only- an LDAP modify command triggered from a remote machine (running Linux).

So: is it possible to issue an LDAP-modify command that succeeds in changing a user’s password on OpenDirectory?

[Author]

Posts