B.nana Technology Log in
Version 9ceaf3f committed by Binokkio.

Modify LDAP user password

The userPassword attribute can be changed in a couple of ways.

Modify another user's password

Run slappasswd to generate a password hash. This command does not interact with your ldap server.

[user@host ~]$ slappasswd 
New password: 
Re-enter new password: 
{SSHA}lvsRd49+M62J8AASa3AZQwsRSz/zTlXM

Then create an ldif like this one:

dn: uid=xxx,ou=xxx,dc=b,dc=nana,dc=technology
changetype: modify
replace: userPassword
userPassword: {SSHA}lvsRd49+M62J8AASa3AZQwsRSz/zTlXM

If you have a setup similar to the one described in OpenLDAP with Let's Encrypt you can apply this ldif like so:

ldapmodify -H ldapi:/// -Y EXTERNAL -f modify-user-password.ldif

Modify your own password

Assuming your ~/.ldaprc contains your BINDDN and your ldap server's URI you can simply run ldappasswd -W to modify your own password.