I changed using this procedure:
Change DM password You will have to edit the main server config file (dse.ldif). Before you do that, you must shutdown the server. If the server is running and you edit dse.ldif, your changes will be lost: # stop-dirsrv Next, generate the new password using the pwdhash command. # /usr/bin/pwdhash <NEWPASS> This will print out the hashed password string using the default directory manager password hashing scheme for your instance (SSHA by default). Then # cd /etc/dirsrv/slapd-<INSTANCE> Edit dse.ldif (you should have already shutdown the server - see above) - search for nsslapd-rootpw - you will see a line like this: # nsslapd-rootpw: {SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXX== Replace the value with the value printed out by pwdhash and save the file. Then restart the server: # start-dirsrv Then test your new password: # ldapsearch -x -b "cn=accounts,dc=ipa,dc=example,dc=org" "(&(objectclass=ipaservice)(userCertificate=*))" krbPrincipalName -D "cn=directory manager" -w <NEWPASS> -h localhost -p 389 Finally, REPEAT IT FOR ALL THE SERVERS and REPLICAS Thanks & Regards. ______________________________ Miguel Soler Sangüesa Consultant - Linux Systems Administrator OPPV - Linux Server Support [cid:image001.png@01D3F0F3.BD814080] + 34 96 199 39 24 - EXT 3924 [cid:image002.png@01D3F0F3.BD814080] + 41 22 929 19 13 [cid:image003.jpg@01D3F0F3.BD814080]<https://www.unicc.org/Pages/Home.aspx>
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/message/DITV724JW5IODL7SHYAX3IQG47RKTLLI/