Title: ldappasswordmodify
Author: Mark Craig
Generator: DocBook XSL-NS Stylesheets v1.76.1 <http://docbook.sf.net/>
Date: October 20, 2011
Manual: Tools Reference
Source: OpenDJ 2.5.0
Language: English
* Define some portability stuff
-----------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://bugs.debian.org/507673
http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----------------------------------------------------------------
* set default formatting
-----------------------------------------------------------------
disable hyphenation
disable justification (adjust text to left margin only)
-----------------------------------------------------------------
* MAIN CONTENT STARTS HERE *
-----------------------------------------------------------------
\w'ldappasswordmodify 'u ldappasswordmodify {options}
This utility can be used to perform LDAP password modify operations in the directory.
The following options are supported.
-a, --authzID {authzID}
Authorization ID for the user entry whose password should be changed The authorization ID is a string having either the prefix dn: followed by the user\*(Aqs distinguished name, or the prefix u: followed by a user identifier that depends on the identity mapping used to match the user identifier to an entry in the directory. Examples include dn:uid=bjensen,ou=People,dc=example,dc=com, and, if we assume that bjensen is mapped to Barbara Jensen\*(Aqs entry, u:bjensen.
-c, --currentPassword {currentPassword}
Current password for the target user
-C, --currentPasswordFile {file}
Path to a file containing the current password for the target user
-F, --newPasswordFile {file}
Path to a file containing the new password to provide for the target user
-J, --control {controloid[:criticality[:value|::b64value|:<filePath]]}
Use a request control with the provided information
-n, --newPassword {newPassword}
New password to provide for the target user
-D, --bindDN {bindDN}
DN to use to bind to the server Default value: cn=Directory Manager
-E, --reportAuthzID
Use the authorization identity control
-h, --hostname {host}
Directory server hostname or IP address Default value: localhost.localdomain
-j, --bindPasswordFile {bindPasswordFile}
Bind password file
-K, --keyStorePath {keyStorePath}
Certificate key store path
-N, --certNickname {nickname}
Nickname of certificate for SSL client authentication
-o, --saslOption {name=value}
SASL bind options
-p, --port {port}
Directory server port number Default value: 389
-P, --trustStorePath {trustStorePath}
Certificate trust store path
-q, --useStartTLS
Use StartTLS to secure communication with the server
-T, --trustStorePassword {trustStorePassword}
Certificate trust store PIN
-u, --keyStorePasswordFile {keyStorePasswordFile}
Certificate key store PIN file
-U, --trustStorePasswordFile {path}
Certificate trust store PIN file
--usePasswordPolicyControl
Use the password policy request control
-V, --ldapVersion {version}
LDAP protocol version number Default value: 3
-w, --bindPassword {bindPassword}
Password to use to bind to the server
-W, --keyStorePassword {keyStorePassword}
Certificate key store PIN
-X, --trustAll
Trust all server SSL certificates
-Z, --useSSL
Use SSL for secure communication with the server
--noPropertiesFile
No properties file will be used to get default command line argument values
--propertiesFilePath {propertiesFilePath}
Path to the file containing default property values used for command line arguments
-v, --verbose
Use verbose mode
--version
Display version information
-?, -H, --help
Display usage information
0
The command completed successfully.
ldap-error
An LDAP error occurred while processing the operation. LDAP result codes are described in \m[blue]RFC 4511\m[]. Also see the additional information for details.
89
An error occurred while parsing the command-line arguments.
You can use ~/.opendj/tools.properties to set the defaults for bind DN, host name, and port number as in the following example.
.\}
hostname=directory.example.com port=1389 bindDN=uid=kvaughan,ou=People,dc=example,dc=com ldapcompare.port=1389 ldapdelete.port=1389 ldapmodify.port=1389 ldappasswordmodify.port=1389 ldapsearch.port=1389
The following example demonstrates a user changing the password for her entry.
.\}
$ cat /tmp/currpwd.txt /tmp/newpwd.txt bribery secret12 $ ldappasswordmodify -p 1389 -C /tmp/currpwd.txt -F /tmp/newpwd.txt -a "dn:uid=kvaughan,ou=people,dc=example,dc=com" -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery The LDAP password modify operation was successful
Mark Craig
Author.
Nemanja Lukić
Author.
Copyright \(co 2011 ForgeRock AS
[IMAGE]
This work is licensed under the \m[blue]Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License\m[].
To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.
Trademarks are the property of their respective owners.
UNLESS OTHERWISE MUTUALLY AGREED BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU.
EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.