From 4230d81769fff0131508e2a3de7872ee0c7fff41 Mon Sep 17 00:00:00 2001 From: Marisa Date: Tue, 23 Sep 2025 14:49:04 -0400 Subject: [PATCH] Update README.md --- README.md | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/README.md b/README.md index a5188ed..008fd13 100644 --- a/README.md +++ b/README.md 
@@ -73,6 +73,46 @@ now we have an **Organizational Unit (ou=People, ou=Group, etc.)** with users an ## _Users administrative tasks_ +### _Reset root password_ + +Build line by line, the .ldif file we will need to reset root password, starting whit the following command: +``` +root@example:/# ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(olcSuffix=dc=example,dc=com)' dn > rootpw.ldif +``` +which writes to the rootpw.ldif file, the current rootDN (Distinguised Name): `dn: olcDatabase={1}mdb,cn=config`\ +The next command will add the 'changetype' (modify, add, etc.) and what object are we working with: +``` +root@example:/# echo -e 'changetype: modify\nreplace: olcRootPW: ' >> rootpw.ldif +root@example:/etc/ldap# cat rootpw.ldif +dn: olcDatabase={1}mdb,cn=config + +changetype: modify +replace: olcRootPW +``` +We run a simple sed command to delete blank lines +``` +root@example:/# sed '/^$/d' rootpw.ldif > chrootpw.ldif +root@example:/# cat chrootpw.ldif +dn: olcDatabase={1}mdb,cn=config +changetype: modify +replace: olcRootPW +``` +It's time to write our new password (_newpasswd_): +``` +root@example:/# slappasswd -s 1234 +{SSHA}2xbd33S4ZumAZW4Oks0GJidBFJYEVBPz +``` +The last line it's our password 1234 hashed in SSHA cryptography. We will need to copy and paste it in the following command: +``` +root@example:/# echo "olcRootPW: {SSHA}2xbd33S4ZumAZW4Oks0GJidBFJYEVBPz" >> chrootpw.ldif +``` +The file that describes the variables needed to change our root password, **chrootpw.ldif** should be ready, we finally run: +``` +root@example:/etc/ldap# ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f chrootpw.ldif +modifying entry "olcDatabase={1}mdb,cn=config" +``` +If successful, the output will show the modified entry. + ### _Add users_ create a new LDAP directory called Supergirls (LDAP OU) with the following data
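Review bot: The `echo -e 'changetype: modify\nreplace: olcRootPW: '` line in the second command block does not produce the `cat rootpw.ldif` output shown right under it. The trailing `: ` makes the LDIF line read `replace: olcRootPW: `, so the attribute named is `olcRootPW:` rather than `olcRootPW`. Drop the trailing colon and space so the command matches the listing; `printf 'changetype: modify\nreplace: olcRootPW\n' >> rootpw.ldif` is one way to do that.

In the `slappasswd -s 1234` step the new password is passed as a command-line argument, which exposes it to shell history and the process list. Running `slappasswd` without `-s` prompts for the password instead. The text should also say that `rootpw.ldif` and `chrootpw.ldif` hold the password hash and should be removed once `ldapmodify` succeeds.

Wording: "whit" should be "with" and "Distinguised" should be "Distinguished". "hashed in SSHA cryptography" is better as "hashed with the SSHA (salted SHA-1) scheme". The prompts also switch between `root@example:/#` and `root@example:/etc/ldap#` although every command uses relative file names, so pick one working directory.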