[Systems] Reset Expired LDAP Password

Chihurumnaya Ibiam ibiamchihurumnaya at gmail.com
Tue Sep 25 09:44:26 EDT 2018
Previous message (by thread): [Systems] Reset Expired LDAP Password
Next message (by thread): [Systems] Reset Expired LDAP Password
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
James no error from "ssh -v", it only shows connection was established
and a warning that my password is expired and i should change it but
typing my password only throws an incorrect password error.

-- 

Ibiam Chihurumnaya
ibiamchihurumnaya at gmail.com



On Tue, Sep 25, 2018 at 11:04 AM James Cameron <quozl at laptop.org> wrote:

> Changing my password using ldap.sugarlabs.org failed with; "Can't
> modify LDAP information."
>
> Changing my password using ldappasswd from sunjammer shell prompt
> seemed to work;
>
> quozl at sunjammer:~$ ldappasswd -H ldap://127.0.0.1 -x -D
> "uid=quozl,ou=People,dc=sugarlabs,dc=org" -W -A -S
> Old password: <oldpassword>
> Re-enter old password: <oldpassword>
> New password: <newpassword>
> Re-enter new password: <newpassword>
> Enter LDAP Password: <oldpassword>
> quozl at sunjammer:~$
>
> However shadowLastChange for me hasn't moved, so I'm not sure if it
> really worked.  Password authentication isn't enabled for SSH anyway.
>
> Checking Ibiam's entry using ldapsearch;
>
> $ ldapsearch -x -LLL uid=ibiamchihurumnaya
> dn: uid=ibiamchihurumnaya,ou=People,dc=sugarlabs,dc=org
> uid: ibiamchihurumnaya
> cn: Chihurumnaya Ibiam
> sn: Ibiam
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> objectClass: shadowAccount
> shadowMax: 365
> shadowWarning: 14
> uidNumber: 837
> gidNumber: 837
> homeDirectory: /home/ibiamchihurumnaya
> gecos: Chihurumnaya Ibiam
> displayName: Chihurumnaya Ibiam
> givenName: Chihurumnaya
> loginShell: /bin/bash
> mail: ibiamchihurumnaya at gmail.com
> shadowLastChange: 17407 (29th August 2017)
>
> Current date is beyond shadowLastChange plus shadowMax plus
> shadowWarning, so the account is probably inactive and disabled.
>
> Ibiam, is there some indication you have received to confirm that,
> e.g. an "ssh -v" error?
>
> I've tried changing Ibiam's password as root, but it prompts me for
> Ibiam's old password, which I don't know.
>
> sunjammer:~# ldappasswd -H ldap://127.0.0.1 -x -D
> "uid=ibiamchihurumnaya,ou=People,dc=sugarlabs,dc=org" -W -A -S
> Old password:
>
> I've found a procedure for changing the RootDN password for OpenLDAP,
> but if I did that I'd need a secure way to communicate it to other
> system administrators.  It also looks hacky and prone to error, so I'm
> not sure the procedure is correct.
>
>
> https://www.digitalocean.com/community/tutorials/how-to-change-account-passwords-on-an-openldap-server
>
> On Fri, Sep 21, 2018 at 02:35:07PM +0100, Chihurumnaya Ibiam wrote:
> > Hi all,
> >
> > I recently complained about my sunjammer account as I haven't been able
> to
> > login because my password is expired and using [1]ldap.sugarlabs.org I
> couldn't
> > reset my password, and I've not been able to send emails from my @[2]
> > sugarlabs.org address and my emails to the lists I'm subscribed to at
> [3]
> > lists.sugarlabs.org gets bounced.
> >
> > Bernie asked for my gpg key and I gave it to him and I haven't had a
> reply
> > since then, I've attached my gpg key here too. Thanks.
> >
> > --
> >
> > Ibiam Chihurumnaya
> > [4]ibiamchihurumnaya at gmail.com
> >
> > References:
> >
> > [1] http://ldap.sugarlabs.org/
> > [2] http://sugarlabs.org/
> > [3] http://lists.sugarlabs.org/
> > [4] mailto:ibiamchihurumnaya at gmail.com
>
> > -----BEGIN PGP PUBLIC KEY BLOCK-----
> >
> > mQENBFuSob0BCADJhL3D92fOo3dzZVL9ehjRTqkKjCsq5HF7h27tQ9TPZ0SKoNlA
> > B5arj7Fpf5rWpXfCqvnqcddEtxyJgDNVw0mkqkrE8b5GEEVibAKE3P9JrdMIsXP+
> > v0VcmAKmfAKl1azXEw4vTpMCc/wTpYyw5CtNRxXY9oPUnU8M+MpgjyJlDD35PRqM
> > w/K4P5/VRKAy0NVBvVq9JW3B5+Qb32cWvXBvMYKquAdFAfWfSqtXm2xzpSgWtxDa
> > 2E8EkNCH4b2ldHs0AQmFxxhIVw+/JOxv5rgmHgbMu4gT0gwirohSeoT4bGYJS0Xd
> > Z5esS2ziXVS+3exgZUXnfag6jSf9gv7qk3QvABEBAAG0MEliaWFtIENoaWh1cnVt
> > bmF5YSA8aWJpYW1jaGlodXJ1bW5heWFAZ21haWwuY29tPokBVAQTAQgAPhYhBD/x
> > zRDG2poX3z2LMD9hLWt6sZnJBQJbkqG9AhsDBQkDwmcABQsJCAcCBhUKCQgLAgQW
> > AgMBAh4BAheAAAoJED9hLWt6sZnJEI4H/iZX0QRyCE/FSK453dkEh6a9ZFp/f6YS
> > iQkvXRzRg+zN7GUZ96GihPCxAhQTcowpV1+ggEn2Th+ciQmYuuZkt5aObnFmnwRU
> > Nzz3W9REYyz/1CNFbqeDBTXuD+yXYx0M3QDkwdjvir5Yf7CfbOVGQL7/v7DjlgVP
> > MPLqtOqJGHvsW3sMC+i9SAhhk0Rx9ZqCOJceQzy7hvZcBL7V28oIBcmsyayW5A5D
> > KfeUqS4CIdiHg5J2YjCqywoxGFvvRu4QXdvd1OyUcjz7Y+a3HpQwbm6tGlDWNk4q
> > wJ4Iat0UEZRRSkEJZC9aNUGruEysLrBZMx047oWRJZP54m/8ZtJhkyK5AQ0EW5Kh
> > vQEIAM1Q43bDn6BzUqolL3JB4EmSbdx/7vwz5HVTJOeiKOQJZhDl1xY8FLIKJKF+
> > rO0DMluV0ebJCJ3zT/ls96mkImlP9TwLpREJoawfKgIPeZxMYkzxZ/609bxUGXRn
> > V38AxqccJqErqkyRhisiXxZx/9xeG8ID2F9S5bzhsb7iMTto94sJh/Gva//3qs6o
> > 34VNYWf/aHlIR5cutgMBorEW9OCZdLSVy6GZeeNRx5PmVkxjrEYCgvqZZO5XpzOX
> > 4qY5ZKSAIKvZKXpL0wVeFdg4L+HgyKyMbcyDqBSbQBbqolFphNHmBTsbDQHBdq5+
> > Df8Y8ziEdt5ztUmxcDxYFjhfoFEAEQEAAYkBPAQYAQgAJhYhBD/xzRDG2poX3z2L
> > MD9hLWt6sZnJBQJbkqG9AhsMBQkDwmcAAAoJED9hLWt6sZnJXtQIALA1jSIFDJP5
> > 2eEv3LNMhXfT5DCTUbkYE/qFk+zQD3ZVF+uJWTRZDabYiMLRXwX9TFNVm4XWcqRB
> > 71n5Sgsi2Osa10bCrEHYtdOW1rwBKVJtaxsGigDF/rIvah5N01h1/rfsg7eI+z6o
> > pjD9mcMlDyonL7h+tYvUcr8ACxa0uzZZi3TaE1D/nuJ/XIJQFGX1bpoWYqp/41HX
> > itHOirq9ZRLRpqRVeM13Pa3N7S9KQQr2K6XhLsfMSJXdO/QvLMQgqtSlqxnQ5k3k
> > StUUjXVuF5EtZe+MSIrqAJRSgVeok6M8HdHkwDSGocTfR6VumJI+ys6dPREhQGiP
> > JSeiVJ+oqNs=
> > =lcIl
> > -----END PGP PUBLIC KEY BLOCK-----
>
>
> --
> James Cameron
> http://quozl.netrek.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/systems/attachments/20180925/56cf19cb/attachment.html>
Previous message (by thread): [Systems] Reset Expired LDAP Password
Next message (by thread): [Systems] Reset Expired LDAP Password
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Systems mailing list