directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: Admin password expired
Date Fri, 18 Sep 2015 16:28:26 GMT
try stopping all nodes, and run this command on one of them and restart both

On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald <ezsra.mcdonald@gmail.com>
wrote:

> Yeah...it never comes back to prompt. Is there a plan B?
>
> On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari <kayyagari@apache.org>
> wrote:
>
> > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
> ezsra.mcdonald@gmail.com
> > >
> > wrote:
> >
> > > Does it matter that the ADS servers are in Multi-Master  setup?
> > >
> > no, the change should be propagated to the other nodes after starting the
> > node on which the
> > password was changed.
> >
> > And if you used this password on other nodes to connect to the updated
> node
> > then you need to
> > login to the other nodes and change the old password in replication
> > configurations
> >
> > >
> > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
> > ezsra.mcdonald@gmail.com
> > > >
> > > wrote:
> > >
> > > > It did in dev as well. But prod I waited a couple minutes. When I
> > > > restarted password was not changed.
> > > >
> > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
> kayyagari@apache.org
> > >
> > > > wrote:
> > > >
> > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
> > > >> ezsra.mcdonald@gmail.com>
> > > >> wrote:
> > > >>
> > > >> > Is there any reason why this jar would report "Successfully
> modified
> > > >> > password" but not return to the shell prompt?
> > > >> >
> > > >> it might be taking a while to stop the server, but on OS X (my
> > machine)
> > > >> where I tested
> > > >> it returns immediately
> > > >>
> > > >> >
> > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> > > >> ezsra.mcdonald@gmail.com
> > > >> > >
> > > >> > wrote:
> > > >> >
> > > >> > > I was wrong. Test loign on the wrong instance, sorry. It
worked
> in
> > > >> Dev.
> > > >> > >
> > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
> > > >> > ezsra.mcdonald@gmail.com
> > > >> > > > wrote:
> > > >> > >
> > > >> > >> Thanks Kiran,
> > > >> > >>
> > > >> > >> I ran this the jar targeting my dev instance
> > > >> > >>
> > > >> > >> /opt/ads/var/lib/default
> > > >> > >>
> > > >> > >> log4j:WARN No appenders could be found for logger
> > > >> > >> (org.apache.directory.server.ApacheDsService).
> > > >> > >> log4j:WARN Please initialize the log4j system properly.
> > > >> > >> log4j:WARN See
> > > http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > > >> > for
> > > >> > >> more info.
> > > >> > >>            _                     _          ____  ____
> > > >> > >>           / \   _ __    ___  ___| |__   ___|  _ \/ ___|
> > > >> > >>          / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___
\
> > > >> > >>         / ___ \| |_) | (_| | (__| | | |  __/ |_| |___)
|
> > > >> > >>        /_/   \_\ .__/ \__,_|\___|_| |_|\___|____/|____/
> > > >> > >>                |_|
> > > >> > >>
> > > >> > >> Successfully modified password
> > > >> > >>
> > > >> > >>
> > > >> > >> But the password was still the old password.
> > > >> > >>
> > > >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari <
> > > >> kayyagari@apache.org>
> > > >> > >> wrote:
> > > >> > >>
> > > >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald
<
> > > >> > >>> ezsra.mcdonald@gmail.com>
> > > >> > >>> wrote:
> > > >> > >>>
> > > >> > >>> > Any ideas Kiran? I tried using ldapmodify with
a LDIF as
> > below:
> > > >> > >>> >
> > > >> > >>> > sorry for the delay, was building a tool to
change the
> > password
> > > >> cause
> > > >> > >>> any
> > > >> > >>> other means of changing
> > > >> > >>> it doesn't work
> > > >> > >>>
> > > >> > >>> please follow the below steps:
> > > >> > >>>
> > > >> > >>> 1. get the ads-passwd-reset.jar from here
> > > >> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
> > > >> > >>> 2. stop the server
> > > >> > >>> 3. run the command
> > > >> > >>>      java -jar target/ads-passwd-reset.jar
> > > >> <your-path-to-DS-instance>
> > > >> > >>> <user-dn> <new-password>
> > > >> > >>>
> > > >> > >>>     your-path-to-DS-instance :  the path to the
instance you
> are
> > > >> using,
> > > >> > >>> most likely it is the 'default' instance
> > > >> > >>>                                                
so something
> > > >> > >>> <path-to-ds-installation>/instances/default
> > > >> > >>>                                 user-dn :  uid=admin,ou=system
> > > >> > >>>                      new-password :  the new password
> > > >> > >>>
> > > >> > >>> 4. after successful execution of above command start
the
> server
> > > >> > >>>
> > > >> > >>> If you would like to build this tool then check
it out from
> > > >> > >>>
> > > >> >
> > > >>
> > >
> >
> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
> > > >> > >>>
> > > >> > >>> Let me know if you need further assistance.
> > > >> > >>>
> > > >> > >>>
> > > >> > >>>
> > > >> > >>> > dn: uid=admin,ou=system
> > > >> > >>> > changetype: modify
> > > >> > >>> > replace: userPassword
> > > >> > >>> > userPassword: PW_HERE_PLEASE
> > > >> > >>> >
> > > >> > >>> > I assume it needs more system attributes to
get around this?
> > > >> > >>> >
> > > >> > >>> > Is there a config entry that can disable password
aging
> that I
> > > can
> > > >> > >>> change
> > > >> > >>> > with an editor and restart the instance?
> > > >> > >>> >
> > > >> > >>> >
> > > >> > >>> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald
<
> > > >> > >>> ezsra.mcdonald@gmail.com>
> > > >> > >>> > wrote:
> > > >> > >>> >
> > > >> > >>> > > ADS M20
> > > >> > >>> > >
> > > >> > >>> > > Thanks
> > > >> > >>> > >
> > > >> > >>> > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran
Ayyagari <
> > > >> > >>> kayyagari@apache.org>
> > > >> > >>> > > wrote:
> > > >> > >>> > >
> > > >> > >>> > >> which version of the server are you
using?
> > > >> > >>> > >>
> > > >> > >>> > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra
McDonald <
> > > >> > >>> > ezsra.mcdonald@gmail.com
> > > >> > >>> > >> >
> > > >> > >>> > >> wrote:
> > > >> > >>> > >>
> > > >> > >>> > >> > I am researching but if anyone
can suggest a solution,
> it
> > > >> > appears
> > > >> > >>> my
> > > >> > >>> > >> > uid=admin,ou=system password
expired. I did not realize
> > the
> > > >> > aging
> > > >> > >>> > >> applied
> > > >> > >>> > >> > to the admin user.
> > > >> > >>> > >> >
> > > >> > >>> > >> > Urgently need to resolve this
issue.
> > > >> > >>> > >> >
> > > >> > >>> > >>
> > > >> > >>> > >>
> > > >> > >>> > >>
> > > >> > >>> > >> --
> > > >> > >>> > >> Kiran Ayyagari
> > > >> > >>> > >> http://keydap.com
> > > >> > >>> > >>
> > > >> > >>> > >
> > > >> > >>> > >
> > > >> > >>> >
> > > >> > >>>
> > > >> > >>>
> > > >> > >>>
> > > >> > >>> --
> > > >> > >>> Kiran Ayyagari
> > > >> > >>> http://keydap.com
> > > >> > >>>
> > > >> > >>
> > > >> > >>
> > > >> > >
> > > >> >
> > > >>
> > > >>
> > > >>
> > > >> --
> > > >> Kiran Ayyagari
> > > >> http://keydap.com
> > > >>
> > > >
> > > >
> > >
> >
> >
> >
> > --
> > Kiran Ayyagari
> > http://keydap.com
> >
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message