directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ezsra McDonald <ezsra.mcdon...@gmail.com>
Subject Re: Admin password expired
Date Fri, 18 Sep 2015 16:40:03 GMT
Is the jar resetting the password aging stuff?

On Fri, Sep 18, 2015 at 11:39 AM, Ezsra McDonald <ezsra.mcdonald@gmail.com>
wrote:

> Stopping all the instances allowed the jar to exit back to shell, but it
> still says the password is expired when I start the instance and try to
> login.
>
> On Fri, Sep 18, 2015 at 11:28 AM, Kiran Ayyagari <kayyagari@apache.org>
> wrote:
>
>> try stopping all nodes, and run this command on one of them and restart
>> both
>>
>> On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald <
>> ezsra.mcdonald@gmail.com>
>> wrote:
>>
>> > Yeah...it never comes back to prompt. Is there a plan B?
>> >
>> > On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari <kayyagari@apache.org>
>> > wrote:
>> >
>> > > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
>> > ezsra.mcdonald@gmail.com
>> > > >
>> > > wrote:
>> > >
>> > > > Does it matter that the ADS servers are in Multi-Master  setup?
>> > > >
>> > > no, the change should be propagated to the other nodes after starting
>> the
>> > > node on which the
>> > > password was changed.
>> > >
>> > > And if you used this password on other nodes to connect to the updated
>> > node
>> > > then you need to
>> > > login to the other nodes and change the old password in replication
>> > > configurations
>> > >
>> > > >
>> > > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
>> > > ezsra.mcdonald@gmail.com
>> > > > >
>> > > > wrote:
>> > > >
>> > > > > It did in dev as well. But prod I waited a couple minutes. When
I
>> > > > > restarted password was not changed.
>> > > > >
>> > > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
>> > kayyagari@apache.org
>> > > >
>> > > > > wrote:
>> > > > >
>> > > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
>> > > > >> ezsra.mcdonald@gmail.com>
>> > > > >> wrote:
>> > > > >>
>> > > > >> > Is there any reason why this jar would report "Successfully
>> > modified
>> > > > >> > password" but not return to the shell prompt?
>> > > > >> >
>> > > > >> it might be taking a while to stop the server, but on OS
X (my
>> > > machine)
>> > > > >> where I tested
>> > > > >> it returns immediately
>> > > > >>
>> > > > >> >
>> > > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
>> > > > >> ezsra.mcdonald@gmail.com
>> > > > >> > >
>> > > > >> > wrote:
>> > > > >> >
>> > > > >> > > I was wrong. Test loign on the wrong instance,
sorry. It
>> worked
>> > in
>> > > > >> Dev.
>> > > > >> > >
>> > > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald
<
>> > > > >> > ezsra.mcdonald@gmail.com
>> > > > >> > > > wrote:
>> > > > >> > >
>> > > > >> > >> Thanks Kiran,
>> > > > >> > >>
>> > > > >> > >> I ran this the jar targeting my dev instance
>> > > > >> > >>
>> > > > >> > >> /opt/ads/var/lib/default
>> > > > >> > >>
>> > > > >> > >> log4j:WARN No appenders could be found for
logger
>> > > > >> > >> (org.apache.directory.server.ApacheDsService).
>> > > > >> > >> log4j:WARN Please initialize the log4j system
properly.
>> > > > >> > >> log4j:WARN See
>> > > > http://logging.apache.org/log4j/1.2/faq.html#noconfig
>> > > > >> > for
>> > > > >> > >> more info.
>> > > > >> > >>            _                     _        
 ____  ____
>> > > > >> > >>           / \   _ __    ___  ___| |__   ___|
 _ \/ ___|
>> > > > >> > >>          / _ \ | '_ \ / _` |/ __| '_ \ / _
\ | | \___ \
>> > > > >> > >>         / ___ \| |_) | (_| | (__| | | |  __/
|_| |___) |
>> > > > >> > >>        /_/   \_\ .__/ \__,_|\___|_| |_|\___|____/|____/
>> > > > >> > >>                |_|
>> > > > >> > >>
>> > > > >> > >> Successfully modified password
>> > > > >> > >>
>> > > > >> > >>
>> > > > >> > >> But the password was still the old password.
>> > > > >> > >>
>> > > > >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari
<
>> > > > >> kayyagari@apache.org>
>> > > > >> > >> wrote:
>> > > > >> > >>
>> > > > >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra
McDonald <
>> > > > >> > >>> ezsra.mcdonald@gmail.com>
>> > > > >> > >>> wrote:
>> > > > >> > >>>
>> > > > >> > >>> > Any ideas Kiran? I tried using ldapmodify
with a LDIF as
>> > > below:
>> > > > >> > >>> >
>> > > > >> > >>> > sorry for the delay, was building
a tool to change the
>> > > password
>> > > > >> cause
>> > > > >> > >>> any
>> > > > >> > >>> other means of changing
>> > > > >> > >>> it doesn't work
>> > > > >> > >>>
>> > > > >> > >>> please follow the below steps:
>> > > > >> > >>>
>> > > > >> > >>> 1. get the ads-passwd-reset.jar from here
>> > > > >> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
>> > > > >> > >>> 2. stop the server
>> > > > >> > >>> 3. run the command
>> > > > >> > >>>      java -jar target/ads-passwd-reset.jar
>> > > > >> <your-path-to-DS-instance>
>> > > > >> > >>> <user-dn> <new-password>
>> > > > >> > >>>
>> > > > >> > >>>     your-path-to-DS-instance :  the path
to the instance
>> you
>> > are
>> > > > >> using,
>> > > > >> > >>> most likely it is the 'default' instance
>> > > > >> > >>>                                       
         so
>> something
>> > > > >> > >>> <path-to-ds-installation>/instances/default
>> > > > >> > >>>                                 user-dn
:
>> uid=admin,ou=system
>> > > > >> > >>>                      new-password :  the
new password
>> > > > >> > >>>
>> > > > >> > >>> 4. after successful execution of above
command start the
>> > server
>> > > > >> > >>>
>> > > > >> > >>> If you would like to build this tool then
check it out from
>> > > > >> > >>>
>> > > > >> >
>> > > > >>
>> > > >
>> > >
>> >
>> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
>> > > > >> > >>>
>> > > > >> > >>> Let me know if you need further assistance.
>> > > > >> > >>>
>> > > > >> > >>>
>> > > > >> > >>>
>> > > > >> > >>> > dn: uid=admin,ou=system
>> > > > >> > >>> > changetype: modify
>> > > > >> > >>> > replace: userPassword
>> > > > >> > >>> > userPassword: PW_HERE_PLEASE
>> > > > >> > >>> >
>> > > > >> > >>> > I assume it needs more system attributes
to get around
>> this?
>> > > > >> > >>> >
>> > > > >> > >>> > Is there a config entry that can disable
password aging
>> > that I
>> > > > can
>> > > > >> > >>> change
>> > > > >> > >>> > with an editor and restart the instance?
>> > > > >> > >>> >
>> > > > >> > >>> >
>> > > > >> > >>> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra
McDonald <
>> > > > >> > >>> ezsra.mcdonald@gmail.com>
>> > > > >> > >>> > wrote:
>> > > > >> > >>> >
>> > > > >> > >>> > > ADS M20
>> > > > >> > >>> > >
>> > > > >> > >>> > > Thanks
>> > > > >> > >>> > >
>> > > > >> > >>> > > On Fri, Sep 18, 2015 at 8:46
AM, Kiran Ayyagari <
>> > > > >> > >>> kayyagari@apache.org>
>> > > > >> > >>> > > wrote:
>> > > > >> > >>> > >
>> > > > >> > >>> > >> which version of the server
are you using?
>> > > > >> > >>> > >>
>> > > > >> > >>> > >> On Fri, Sep 18, 2015 at 9:44
PM, Ezsra McDonald <
>> > > > >> > >>> > ezsra.mcdonald@gmail.com
>> > > > >> > >>> > >> >
>> > > > >> > >>> > >> wrote:
>> > > > >> > >>> > >>
>> > > > >> > >>> > >> > I am researching but
if anyone can suggest a
>> solution,
>> > it
>> > > > >> > appears
>> > > > >> > >>> my
>> > > > >> > >>> > >> > uid=admin,ou=system
password expired. I did not
>> realize
>> > > the
>> > > > >> > aging
>> > > > >> > >>> > >> applied
>> > > > >> > >>> > >> > to the admin user.
>> > > > >> > >>> > >> >
>> > > > >> > >>> > >> > Urgently need to resolve
this issue.
>> > > > >> > >>> > >> >
>> > > > >> > >>> > >>
>> > > > >> > >>> > >>
>> > > > >> > >>> > >>
>> > > > >> > >>> > >> --
>> > > > >> > >>> > >> Kiran Ayyagari
>> > > > >> > >>> > >> http://keydap.com
>> > > > >> > >>> > >>
>> > > > >> > >>> > >
>> > > > >> > >>> > >
>> > > > >> > >>> >
>> > > > >> > >>>
>> > > > >> > >>>
>> > > > >> > >>>
>> > > > >> > >>> --
>> > > > >> > >>> Kiran Ayyagari
>> > > > >> > >>> http://keydap.com
>> > > > >> > >>>
>> > > > >> > >>
>> > > > >> > >>
>> > > > >> > >
>> > > > >> >
>> > > > >>
>> > > > >>
>> > > > >>
>> > > > >> --
>> > > > >> Kiran Ayyagari
>> > > > >> http://keydap.com
>> > > > >>
>> > > > >
>> > > > >
>> > > >
>> > >
>> > >
>> > >
>> > > --
>> > > Kiran Ayyagari
>> > > http://keydap.com
>> > >
>> >
>>
>>
>>
>> --
>> Kiran Ayyagari
>> http://keydap.com
>>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message