Reset LDAP Password Command Line

This is a very common task in any directory environment, and can be executed as a script, but we will start out with the basic syntax to get you going:

ldappasswd -x -D "cn=admin,dc=domain,dc=local" -W -h 127.0.0.1 -S "cn=user,ou=people,dc=domain,dc=local"

Here -W makes ldappasswd prompt for the admin (bind) password, and -S makes it prompt for the user's new password.

That's the basic syntax, if you would like to make your own script. Here's what we developed; it should work for almost all environments. You just have to customize the "admin" account to match your LDAP environment.

#!/bin/sh
# Created By Andrew Zwieg 8/4/2013
# Version 3.8
# Resets an LDAP User Password

#############################################
# Get Basic Variables to Execute the Script #
#############################################
echo "Enter LDAP Admin Password, and hit Enter"
stty -echo    # keep the admin password off the screen while it is typed
read -r ADMIN
stty echo
echo "Enter the LDAP Account Name that needs to be reset"
read -r Account

###############################################
# Determine the DN of the User, if it Varies  #
###############################################
# Uses the search base from ldap.conf; stop if no entry matches.
DN=$(ldapsearch -x | grep -i "dn: cn=$Account" | sed 's/dn: //g')
if [ -z "$DN" ]; then
    echo "Could not find a DN for $Account"
    exit 1
fi

##################################
# This part changes the Password #
##################################
# Note: -w puts the admin password in this command's argument list.
ldappasswd -x -D "cn=admin,dc=domain,dc=local" -w "$ADMIN" -h 127.0.0.1 -S "$DN"

#################################################
# Check If Password Changed, Prompt Accordingly #
#################################################
passwdchanged=$?
sleep 2
if [ "$passwdchanged" -eq 0 ]
then
    echo "Password Updated!"
else
    echo "Could Not Update Password!!"
fi
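
A hardened take on the DN lookup and reset steps of the script above, as an added example that is not the original author's code: it escapes the account name for an LDAP search filter, accepts the result only when exactly one entry matches, and lets ldappasswd prompt for both passwords. SERVER and BASE are assumed placeholder values modelled on the page's samples, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not the original author's script. Assumes OpenLDAP client
# tools; SERVER and BASE are placeholders modelled on the page's sample values.
SERVER="ldap://127.0.0.1"
BASE="dc=domain,dc=local"

# Escape RFC 4515 filter metacharacters so the account name is matched
# literally. Backslash goes first so later escapes are not escaped again.
ldap_escape_filter() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Read LDIF on stdin, join folded lines, print the DN only if exactly one
# entry was returned. Exit 1: zero or several matches. Exit 2: base64 DN
# (dn::), which this example refuses instead of decoding.
single_dn() {
    awk '
        /^ /     { if (indn) dn = dn substr($0, 2); next }
                 { indn = 0 }
        /^dn:: / { b64 = 1; next }
        /^dn: /  { n++; dn = substr($0, 5); indn = 1 }
        END      { if (b64) exit 2; if (n != 1) exit 1; print dn }
    '
}

# Ask the server for entries whose cn equals the account name; "1.1" requests
# no attributes, so only the dn line of each match comes back.
lookup_dn() {
    ldapsearch -x -LLL -H "$SERVER" -b "$BASE" \
        "(cn=$(ldap_escape_filter "$1"))" 1.1 | single_dn
}

reset_password() {
    dn=$(lookup_dn "$1") || { echo "No unique entry for '$1'" >&2; return 1; }
    # -W prompts for the bind password and -S for the new one, so neither
    # secret appears in argv, the process list or shell history.
    ldappasswd -x -H "$SERVER" -D "cn=admin,$BASE" -W -S "$dn"
}

# Runs only when an account name is given: ./reset.sh jdoe
if [ "$#" -gt 0 ]; then reset_password "$1"; fi
```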