Not able to reset password in OpenLDAP


Affected Versions: All

Password Reset is not currently supported with OpenLDAP.

You can use the following steps as a workaround, but passwords updated with this method will be in clear text.

  1. Set up a Self Service Account Update Realm
  2. Configure the Self Service Account page and set AUX ID 1 to show enabled
  3. Under the Data tab, use SUN ONE for the Data Store. Under the Profile Fields section, enter userPassword for the Aux ID 1 field and enable writeable.


More information:

When the userPassword attribute is written in an LDAP add or modify operation, its value is stored as plain text. You can override this behavior with the ppolicy_hash_cleartext option of the ppolicy overlay module in OpenLDAP. Once it is enabled, a plain text password sent by a client is stored as SSHA by default.
