<?xml version="1.0" encoding="UTF-8"?>
<!--
! CCPL HEADER START
!
! This work is licensed under the Creative Commons
! Attribution-NonCommercial-NoDerivs 3.0 Unported License.
! To view a copy of this license, visit
! or send a letter to Creative Commons, 444 Castro Street,
! Suite 900, Mountain View, California, 94041, USA.
!
! You can also obtain a copy of the license at
! See the License for the specific language governing permissions
! and limitations under the License.
!
! If applicable, add the following below this CCPL HEADER, with the fields
! enclosed by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CCPL HEADER END
!
! Copyright 2011-2012 ForgeRock AS
! Portions Copyright 2013 Jens Elkner
!
-->
version="5.0" xml:lang="en"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://docbook.org/ns/docbook http://docbook.org/xml/5.0/xsd/docbook.xsd"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude">
<refmeta>
<refentrytitle><application>ldappasswordmodify</application></refentrytitle>
</refmeta>
<refnamediv>
<refname><application>ldappasswordmodify</application></refname>
<refpurpose>perform LDAP password modifications</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>ldappasswordmodify</command>
<arg>-a <replaceable class="parameter">authzID</replaceable></arg>
<arg>-A</arg>
<arg>-c <replaceable class="parameter">curPassWord</replaceable></arg>
<arg>-C <replaceable class="parameter">curPassFile</replaceable></arg>
<arg>-n <replaceable class="parameter">newPassWord</replaceable></arg>
<arg>-N <replaceable class="parameter">newPassFile</replaceable></arg>
<arg>-J <replaceable class="parameter">ctrlOIDstr</replaceable></arg>
<sbr/><sbr/>
xpointer='xpointer(//para[@name="s-proto"]/*[@name="sc-ssl-tls"])'/>
<sbr/><sbr/>
xpointer='xpointer(//para[@name="s-remote"]/*)'/>
<sbr/><sbr/>
xpointer='xpointer(//para[@name="s-auth"]/*[not(@name="sc-alias"
or @name="sc-sasl")])'/>
<arg name="sc-alias">--certNickname <replaceable class="parameter">alias</replaceable></arg>
<sbr/><sbr/>
xpointer='xpointer(//para[@name="s-props"]/*)'/>
xpointer='xpointer(//para[@name="s-general"]/*)'/>
</cmdsynopsis>
</refsynopsisdiv>
<refsection>
<title>Description</title>
<para>
This utility can be used to perform LDAP password modify operations in the
directory.
</para>
</refsection>
<refsection>
<title>Options</title>
<para>The following options are supported.</para>
<variablelist>
<varlistentry>
<term><option>-a, --authzID</option> <replaceable
class="parameter">authzID</replaceable></term>
<listitem>
<para>
Authorization ID for the user entry whose password should be changed. The
authorization ID is a string having either the prefix <literal>dn:</literal>
followed by the user's distinguished name, or the prefix <literal>u:</literal>
followed by a user identifier that depends on the identity mapping used to match
the user identifier to an entry in the directory. Examples include
<literal>dn:uid=bjensen,ou=People,dc=example,dc=com</literal>, and, if we assume
that <literal>bjensen</literal> is mapped to Barbara Jensen's entry,
<literal>u:bjensen</literal>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-A, --provideDNForAuthzID</option></term>
<listitem>
<para>
Use the bind DN as the authorization ID for the password modify operation.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-n, --newPassword</option> <replaceable
class="parameter">password</replaceable></term>
<listitem>
<para>
New password to provide for the target user.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-N, --newPasswordFile</option> <replaceable
class="parameter">file</replaceable></term>
<listitem>
<para>
Path to a file containing the new password to provide for the target user.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-c, --currentPassword</option> <replaceable
class="parameter">password</replaceable></term>
<listitem>
<para>
Current password for the target user.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-C, --currentPasswordFile</option> <replaceable
class="parameter">file</replaceable></term>
<listitem>
<para>
Path to a file containing the current password for the target user.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-J, --control</option> <replaceable
class="parameter">controloid[:criticality[:value|::b64value|:<filePath]]}</replaceable></term>
<listitem>
<para>
Use a request control with the provided information.
</para>
</listitem>
</varlistentry>
</variablelist>
<refsection>
<title>LDAP Connection Options</title>
<variablelist>
xpointer='xpointer(//para[@name="l-proto"]/*[@name="lc-ssl"
or @name="lc-tls"])'/>
xpointer='xpointer(//para[@name="l-remote"]/*)'/>
xpointer='xpointer(//para[@name="l-auth"]/*[not(@name="lc-alias"
or @name="lc-sasl")])'/>
<varlistentry>
<term><option>--certNickname</option> <replaceable
class="parameter">alias</replaceable></term>
<listitem>
<para>
</para>
</listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection>
<variablelist>
xpointer='xpointer(//para[@name="l-props"]/*)'/>
</variablelist>
</refsection>
<refsection>
<title>General Options</title>
<variablelist>
xpointer='xpointer(//para[@name="l-general"]/*)'/>
</variablelist>
</refsection>
</refsection>
<refsection>
<title>Examples</title>
<informalexample>
<para>
The following example demonstrates a user changing the password for her entry.
</para>
<literallayout><prompt
<screen>
bribery
secret12
</screen>
<literallayout><prompt
-N /tmp/newpwd.txt -A -w bribery \
-D uid=kvaughan,ou=people,dc=example,dc=com</command></literallayout>
<screen>
The LDAP password modify operation was successful
</screen>
</informalexample>
</refsection>
</refentry>