Saturday, September 12, 2009

[SunDS] How to change administrative account passwords - Part I

There are 2 administrative accounts to manage Sun Directory Server 5.x - "admin" and "cn=Directory Manager".

I'll touch on how to change the password for "admin" in this post.



bash-3.00# cd /ds
bash-3.00# ./stop-admin
bash-3.00# cd /slapd-config
bash-3.00# ./stop-slapd 

bash-3.00# ./saveconfig 
saving configuration ...
ldiffile: /ds/slapd-config/confbak/2009_09_07_191328.ldif
[07/Sep/2009:19:13:29 +0800] - export NetscapeRoot: Processed 120 entries (100%).

bash-3.00# ./getpwenc SSHA adminPass1
{SSHA}IDZHlTdMHPFWxVcuuAMzIC3By95HcSxpSWFqBQ==
bash-3.00# ./getpwenc SHA adminPass1
{SHA}2etSUqeqj1KEtprvH1hIR9psfYM=

bash-3.00# vi /ds/slapd-config/confbak/2009_09_07_191328.ldif
dn: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
Change
userPassword: {SSHA}PFP09Ls49aN6edvgOMPa+4TjYVpML6tABEtEHQ==
to
userPassword: {SSHA}IDZHlTdMHPFWxVcuuAMzIC3By95HcSxpSWFqBQ==


dn: cn=admin-serv-ds, cn=Administration Server, cn=Server Group, cn=ds.sg.sun, ou=sg.sun, o=NetscapeRoot
Change
userPassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
to
userPassword: {SHA}2etSUqeqj1KEtprvH1hIR9psfYM=

bash-3.00# ./restoreconfig 
Restoring /ds/slapd-config/confbak/2009_09_07_191328.ldif
[07/Sep/2009:19:31:59 +0800] - import NetscapeRoot: Index buffering enabled with bucket size 16
:
[07/Sep/2009:19:32:03 +0800] - import NetscapeRoot: Import complete.  Processed 120 entries in 3 seconds. (40.00 entries/sec)

bash-3.00# cd /ds
bash-3.00# cd admin-serv/config
bash-3.00# vi adm.conf   (yes, in plain text. I do not know why this is so)
Change
siepid:   password
to
siepid:   adminPass1

bash-3.00# vi admpw
Change
admin:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
to
admin:{SHA}2etSUqeqj1KEtprvH1hIR9psfYM=
bash-3.00# cd /ds
bash-3.00# slapd-config/start-slapd 
bash-3.00# ./start-admin 
SunONE-WebServer-Enterprise/6.0SP3 B05/19/2004 05:32
[LS ls1] http://ds.sg.sun, port 391 ready to accept requests
startup: server started successfully


PS: I found the section highlighted in BLUE is redundant. Whatever change you made to admpw does not kick into effect. My test environment is Sun Directory Server 5.2 Patch 6.



No comments:

Post a Comment