Modify LDAP user password
The userPassword
attribute can be changed in a couple of ways.
Modify another user's password
Run slappasswd
to generate a password hash.
This command does not interact with your ldap server.
[user@host ~]$ slappasswd
New password:
Re-enter new password:
{SSHA}lvsRd49+M62J8AASa3AZQwsRSz/zTlXM
Then create an ldif like this one:
dn: uid=xxx,ou=xxx,dc=b,dc=nana,dc=technology
changetype: modify
replace: userPassword
userPassword: {SSHA}lvsRd49+M62J8AASa3AZQwsRSz/zTlXM
If you have a setup similar to the one described in OpenLDAP with Let's Encrypt you can apply this ldif like so:
ldapmodify -H ldapi:/// -Y EXTERNAL -f modify-user-password.ldif
Modify your own password
Assuming your ~/.ldaprc
contains your BINDDN
and your ldap server's URI
you can simply run ldappasswd -W
to modify your own password.