Summary: How to change a password for SUN LDAP server users with a convenient script.
Date: Around 2012
Refactor: 29 April 2025: Checked links and formatting.
For the convenience of client support, a script has been created to easily change the password of users. Simply follow these steps to change the password of a user:
Note: Never tell the user the password; always email it to prevent “social password hacking”.
The password policy does not allow changing the password to one that has been used before. Because the script derives the default password from the current date, you can't reset the password twice on one day with the script. The solution is to contact a Sysadmin who can
Note that the script has to be run as root; otherwise you might get error messages regarding access to the .prd file (where the password for the simple bind is located).
#!/usr/bin/bash

# Use the password given as the first argument, or generate one from the date
if [ "$1" ]
then
  NPWD="$1"
else
  NPWD=$(date +%a%d%h)
fi

clear
cd bin

# Print the underlined, bold banner
tput bold
tput smul
echo "<company> Client Support Change User Password"
tput rmul
tput rmso
echo

echo -n "Username: "
read -r USERNAME

# Look up the full name (GECOS field) to confirm the user exists
FULLNAME=$(getent passwd "$USERNAME" | cut -d: -f5)
if [ ! "$FULLNAME" ]
then
  echo "User \"$USERNAME\" unknown"
  exit
else
  # Build the LDIF that replaces the userPassword attribute
  echo "dn: uid=$USERNAME,ou=people,dc=prd,dc=domain" >/tmp/newpwd.ldif
  echo "changetype: modify" >>/tmp/newpwd.ldif
  echo "replace: userPassword" >>/tmp/newpwd.ldif
  echo "userPassword: $NPWD" >>/tmp/newpwd.ldif
  echo "Changing password for \"$FULLNAME\""
  echo
  # Apply the change with a simple bind; the bind password is read from .pwd
  ldapmodify -h ldaphgost02 -f /tmp/newpwd.ldif -D "cn=Directory Manager" -j .pwd >/dev/null
  rm /tmp/newpwd.ldif
fi

echo
echo "Password is reset to $NPWD"
echo "Finished, press <Enter> to exit"
echo
read -r dummy
exit
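A hardened variant of the LDIF handling in the script above, as an added example that is not part of the original page: it validates the username before it goes into the DN, generates a random password instead of a date-derived one, writes the LDIF to a private `mktemp` file, and prints the password only if `ldapmodify` succeeded. The function names are hypothetical; the host, DNs and `-j .pwd` file are the script's own values, and it assumes `mktemp` and `/dev/urandom` are available and that the password policy accepts a 24-character hex string.

```shell
#!/usr/bin/bash
# Added example (not the page's script). Function names are hypothetical;
# host, DNs and the -j file are the values used in the page's script.
LDAP_HOST="ldaphgost02"
BIND_DN="cn=Directory Manager"
BASE_DN="ou=people,dc=prd,dc=domain"

# Accept only plain account names, so input cannot alter the DN (commas,
# equals signs) or inject extra LDIF lines (newlines).
valid_uid() {
  local LC_ALL=C
  case "$1" in
    ''|*[!a-z0-9._-]*) return 1 ;;
  esac
  [ "${#1}" -le 32 ]
}

# 96 random bits as 24 hex characters, instead of a guessable date string.
gen_password() {
  od -An -N12 -tx1 /dev/urandom | tr -d ' \n'
}

# $1 = uid, $2 = new password. Writes the LDIF to an unpredictable,
# owner-only file and prints its path.
write_ldif() {
  local f
  f=$(umask 077; mktemp /tmp/newpwd.XXXXXX) || return 1
  printf 'dn: uid=%s,%s\nchangetype: modify\nreplace: userPassword\nuserPassword: %s\n' \
    "$1" "$BASE_DN" "$2" >"$f"
  printf '%s\n' "$f"
}

# $1 = uid. Prints the new password only if the directory accepted the change.
reset_password() {
  local ldif pw rc=0
  valid_uid "$1" || { echo "Invalid username" >&2; return 2; }
  getent passwd "$1" >/dev/null || { echo "User \"$1\" unknown" >&2; return 3; }
  pw=$(gen_password)
  ldif=$(write_ldif "$1" "$pw") || return 1
  ldapmodify -h "$LDAP_HOST" -f "$ldif" -D "$BIND_DN" -j .pwd >/dev/null || rc=$?
  rm -f "$ldif"
  [ "$rc" -eq 0 ] || { echo "ldapmodify failed ($rc)" >&2; return 1; }
  printf '%s\n' "$pw"
}
```

Because the password is generated rather than taken from the command line, it never appears in the process list, and a fresh value on every run also avoids the reuse rejection described above.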