Noriko,
It did work, thank you for your help. Replication is now working properly.
One question, I'm used to using cn=Directory Manager as well. Is
there any downside to using cn=Administrators for 'root' privileges?
Thanks,
Herb
Ok. Then, did these work for you?
$ ldapsearch -x -D "cn=Administrators" -w <pw> -s base -b ""
"objectclass=*"
$ ldapmodify -x-D "cn=Administrators" -w <pw><< EOF
dn: cn=replication Manager,cn=config
changetype: modify
replace: userPassword
userPassword: <new_password>
EOF
On Wed, Apr 2, 2014 at 4:31 PM, Herb Burnswell
<herbert.burnswell(a)gmail.com>wrote:
Noriko,
I receive:
nsslapd_rootdn: cn=Administrators
On Wed, Apr 2, 2014 at 4:02 PM, Herb Burnswell <
herbert.burnswell(a)gmail.com> wrote:
> Noriko,
>
> Thank you for your response. It looks like there's an issue with directory
manager privilege. When I attempt the command:
>
> ldapsearch -x -D "cn=Directory Manager" -w <pw> -s base -b
"" "objectclass=*"
>
> ldap_bind: No such object (32)
>
>
> How can I confirm directory manager user?
>
>
> Thanks again for your help,
>
> Herb
>
>
>
>
> Hello,
>
> This password is base64 encoded and folded at the ~80th column. (So,
> please do not remove the last '=')
> userPassword::
> e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ==
>
> If you decode it, it looks like this:
>
> {SSHA}ticY7aq9EIThbdkdxXqlV7gKfxR1ZExBVwLNxA==
>
> It is SSHA hashed.
>
> I think you have a directory manager privilege. If so, you could reset
> the password by ldapmodify command?
> ldapmodify ... << EOF
> dn: cn=replicationManager,cn=config
> changetype: modify
> replace: userPassword
> userPassword: <new_password>
> EOF
>
> Herb Burnswell wrote:
> >* All,
> *
> >>* I am taking over a newly installed 389-ds environment:
> *>>* 389-admin-1.1.29-1.el6.x86_64
> *>* 389-admin-console-1.1.8-1.el6.noarch
> *>* 389-admin-console-doc-1.1.8-1.el6.noarch
> *>* 389-adminutil-1.1.15-1.el6.x86_64
> *>* 389-console-1.1.7-1.el6.noarch
> *>* 389-ds-1.2.2-1.el6.noarch
> *>* 389-ds-base-1.2.11.15-32.el6_5.x86_64
> *>* 389-ds-base-libs-1.2.11.15-32.el6_5.x86_64
> *>* 389-ds-console-1.2.6-1.el6.noarch
> *>* 389-ds-console-doc-1.2.6-1.el6.noarch
> *>* 389-dsgw-1.1.10-1.el6.x86_64
> *>>* I have two systems that I will use as Multiple Masters. The problem
> *>* is when creating a replication agreement on each side, replication
> *>* fails with:
> *>>* 49 LDAP error invalid credentials
> *>>* So, I need to reset the replication manager user password. When I
> *>* look at the dse.ldif file I see:
> *>>* dn: cn=replicationManager,cn=config
> *>* objectClass: inetorgperson
> *>* objectClass: person
> *>* objectClass: top
> *>* objectClass: organizationalPerson
> *>* cn: replicationManager
> *>* sn: RM
> *>* passwordExpirationTime: 20380119031407Z
> *>* nsIdleTimeout: 0
> *>* userPassword::
> *>* e1NTSEF9dGljWTdhcTlFSVRoYmRrZHhYcWxWN2dLZnhSMVpFeEJWd0xOeEE9PQ=
> *>* =
> *>* creatorsName: cn=administrators
> *>* modifiersName: cn=administrators
> *>* createTimestamp: 20131025040123Z
> *>* modifyTimestamp: 20131025040123Z
> *>>>* This looks odd to me regarding the userPassword and it having an
> *>* 'extra line' after it. If I move the '=' sign back to the
same above
> *>* line and bounce dirsrv it goes back to the above.
> *>>* In any event, how can I reset this password? Any assistance is
> *>* greatly appreciated.
> *>>* Thanks in advance,
> *>>* Herb*
>
>