How To Expire a New Password on An Existing Acid?

Document ID : KB000019259
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

We have an existing acid and we would like to change its password, but we also would like to expire it at next logon.

How do we do that?

Solution:

Here it an example of ldapmodify command and its ldif file to create a new acid with an expired password:

ldapmodify -c -h YourHostName -p 389 -D cn=Admin -w password -x -f Your.ldif

YourHostName is your TCPIP name of your Host.
389 is the default port, use yours.
Admin is the administrator acid.
Your.ldif is your ldif file which contains what follows between the Top and End boundaries.

*** Top Of Ldif ****
dn: tssacid=myacid,tssadmingrp=acids,host=usi252me,o=ca,c=us
changetype: modify
replace: userPassword
userPassword: USRPWD,,EXP
*** End Of Ldif ***

The dn: has to fit your host definition, see your slapd.conf suffix field.