Before I explore this further, when using "ldappasswd," will it still prompt me for the current password before I can type in a new password to replace it? On 1/22/14 3:26 PM, "Paul Robert Marino" <prmarino1@xxxxxxxxx> wrote: >your SSL cert or your DNS is bad. TLS requires full forward and revers >lookup of the C name for the host to match one of the host names in >the SSL cert. > > > >On Wed, Jan 22, 2014 at 3:08 PM, Chaudhari, Rohit K. ><Rohit.Chaudhari@xxxxxxxxxx> wrote: >> I'm not using kerberos. The other suggestion about using ldappasswd led >> to the error: >> >> ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) >> Additional info: TLS: hostname does not match CN in peer certificate >> >> Is there a way to create a JNDI equivalent command so that I could add a >> checkbox to a Java GUI that basically toggles the "force password change >> after reset" checkbox built into the password policy in 389? >> >> On 1/22/14 10:49 AM, "Paul Robert Marino" <prmarino1@xxxxxxxxx> wrote: >> >>>sorry thats not possible. >>>If you are using Kerberos then you can do it via the kadmin command. >>>If not then you have to use one of several other tools like the admin >>>console or ldapmodify for example. >>> >>> >>>On Wed, Jan 22, 2014 at 9:06 AM, Chaudhari, Rohit K. >>><Rohit.Chaudhari@xxxxxxxxxx> wrote: >>>> Hello, >>>> >>>> I need to be able to reset a LDAP user's password if they forget it >>>>with the >>>> user root. But when I try the "passwd" command as root for a LDAP >>>>user, I >>>> get the following: >>>> >>>> (as root) >>>> passwd tuser >>>> Changing password for user tuser. >>>> Password reset by root is not supported. >>>> passwd: Authentication token manipulation error. >>>> >>>> I am using sssd as the LDAP authentication mechanism tool, to be >>>>specific. >>>> Does anyone have a solution to dealing with this issue of resetting a >>>>LDAP >>>> user's password if they forgot it? >>>> >>>> Thanks, >>>> >>>> Rohit >>>> >>>> From: <Chaudhari>, "Rohit K. Chaudhari" <rohit.chaudhari@xxxxxxxxxx> >>>> Date: Tuesday, January 21, 2014 3:29 PM >>>> To: "General discussion list for the 389 Directory server project." >>>> <389-users@xxxxxxxxxxxxxxxxxxxxxxx> >>>> Subject: using passwd with 389 >>>> >>>> Hello, >>>> >>>> I want to be able to use the Unix "passwd" command to reset a LDAP >>>>user's >>>> password from the command line. However, I keep getting an >>>>authentication >>>> token manipulation error whenever I try to reset the password using >>>>that >>>> command. What do I need to do in the 389 DS or on Unix in order to >>>>get >>>>this >>>> command to work? >>>> >>>> Thanks, >>>> >>>> Rohit >>>> >>>> -- >>>> 389 users mailing list >>>> 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>> https://admin.fedoraproject.org/mailman/listinfo/389-users >>>-- >>>389 users mailing list >>>389-users@xxxxxxxxxxxxxxxxxxxxxxx >>>https://admin.fedoraproject.org/mailman/listinfo/389-users >> >> -- >> 389 users mailing list >> 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/389-users >-- >389 users mailing list >389-users@xxxxxxxxxxxxxxxxxxxxxxx >https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
