Not able to reset password in OpenLDAP

    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • Affected Versions: All

    Password Reset is not currently supported with OpenLDAP.

    You can use following steps as a workaround, but the password update using this method will be in clear text.

    1. Setup a Self Service Account Update Realm
    2. Configure the Self Service Account page and set AUX ID 1 to show enabled
    3. Under the data tab, use SUN ONE for Data Store. Under the Profile Fields section, enter userPassword for Aux ID 1 field and enable writeable.


    More information:

    When you tried to store userPassword attribute in add/modify LDAP operations, userPassword value is stored as plain text. But you can override this behavior using ppolicy_hash_cleartext option in ppolicy overlay module in OpenLDAP. Once you enable it, when client sends a plain text password, it is stored as SSHA by default.

    0 out of 0 found this helpful



    Please sign in to leave a comment.