I changed using this procedure:
Change DM password
You will have to edit the main server config file (dse.ldif). Before you do
that, you must shutdown the server. If the server is running and you edit
dse.ldif, your changes will be lost:
# stop-dirsrv
Next, generate the new password using the pwdhash command.
# /usr/bin/pwdhash <NEWPASS>
This will print out the hashed password string using the default directory
manager password hashing scheme for your instance (SSHA by default). Then
# cd /etc/dirsrv/slapd-<INSTANCE>
Edit dse.ldif (you should have already shutdown the server - see above) -
search for nsslapd-rootpw - you will see a line like this:
# nsslapd-rootpw: {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXX==
Replace the value with the value printed out by pwdhash and save the file. Then
restart the server:
# start-dirsrv
Then test your new password:
# ldapsearch -x -b "cn=accounts,dc=ipa,dc=example,dc=org"
"(&(objectclass=ipaservice)(userCertificate=*))" krbPrincipalName -D
"cn=directory manager" -w <NEWPASS> -h localhost -p 389
Finally, REPEAT IT FOR ALL THE SERVERS and REPLICAS
Thanks & Regards.
______________________________
Miguel Soler Sangüesa
Consultant - Linux Systems Administrator
OPPV - Linux Server Support
[cid:image001.png@01D3F0F3.BD814080] + 34 96 199 39 24 - EXT 3924
[cid:image002.png@01D3F0F3.BD814080] + 41 22 929 19 13
[cid:image003.jpg@01D3F0F3.BD814080]<https://www.unicc.org/Pages/Home.aspx>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/message/DITV724JW5IODL7SHYAX3IQG47RKTLLI/
