Knowledge Base

Support Policies

Not able to reset password in OpenLDAP

Affected Versions: All

Cause:
Password Reset is not currently supported with OpenLDAP.

Resolution:
You can use following steps as a workaround, but the password update using this method will be in clear text.

  1. Setup a Self Service Account Update Realm
  2. Configure the Self Service Account page and set AUX ID 1 to show enabled
  3. Under the data tab, use SUN ONE for Data Store. Under the Profile Fields section, enter userPassword for Aux ID 1 field and enable writeable.

 

More information:

When you tried to store userPassword attribute in add/modify LDAP operations, userPassword value is stored as plain text. But you can override this behavior using ppolicy_hash_cleartext option in ppolicy overlay module in OpenLDAP. Once you enable it, when client sends a plain text password, it is stored as SSHA by default.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.