date:20150918

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

Kiran,

You are our hero!! Thank you so much for all the assistance.

I will be following up with our team about the current password policies
and get a monitor on this.

Thanks again!


On Fri, Sep 18, 2015 at 12:23 PM, Kiran Ayyagari 
wrote:

> On Sat, Sep 19, 2015 at 1:21 AM, Ezsra McDonald 
> wrote:
>
> > One server worked, the other gave this error:
> >
> > Exception in thread "main" java.lang.UnsupportedClassVersionError:
> > org/apache/directory/server/core/api/InstanceLayout : Unsupported
> > major.minor version 51.0
> >
> make sure you are running the same version of java on both machines, or
> just
> build that jar on this failing box and execute
>
> > at java.lang.ClassLoader.defineClass1(Native Method)
> > at java.lang.ClassLoader.defineClass(ClassLoader.java:643)
> > at
> > java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
> > at java.net.URLClassLoader.defineClass(URLClassLoader.java:277)
> > at java.net.URLClassLoader.access$000(URLClassLoader.java:73)
> > at java.net.URLClassLoader$1.run(URLClassLoader.java:212)
> > at java.security.AccessController.doPrivileged(Native Method)
> > at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
> > at java.lang.ClassLoader.loadClass(ClassLoader.java:323)
> > at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)
> > at java.lang.ClassLoader.loadClass(ClassLoader.java:268)
> > at
> org.apache.directory.PasswordResetter.main(PasswordResetter.java:57)
> >
> > On Fri, Sep 18, 2015 at 12:07 PM, Kiran Ayyagari 
> > wrote:
> >
> > > On Sat, Sep 19, 2015 at 12:40 AM, Ezsra McDonald <
> > ezsra.mcdon...@gmail.com
> > > >
> > > wrote:
> > >
> > > > Is the jar resetting the password aging stuff?
> > > >
> > > ah this must be the reason, committed a change, please test with the
> > latest
> > > build
> > > https://people.apache.org/~kayyagari/ads-passwd-reset.jar
> > >
> > > >
> > > > On Fri, Sep 18, 2015 at 11:39 AM, Ezsra McDonald <
> > > ezsra.mcdon...@gmail.com
> > > > >
> > > > wrote:
> > > >
> > > > > Stopping all the instances allowed the jar to exit back to shell,
> but
> > > it
> > > > > still says the password is expired when I start the instance and
> try
> > to
> > > > > login.
> > > > >
> > > > > On Fri, Sep 18, 2015 at 11:28 AM, Kiran Ayyagari <
> > kayyag...@apache.org
> > > >
> > > > > wrote:
> > > > >
> > > > >> try stopping all nodes, and run this command on one of them and
> > > restart
> > > > >> both
> > > > >>
> > > > >> On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald <
> > > > >> ezsra.mcdon...@gmail.com>
> > > > >> wrote:
> > > > >>
> > > > >> > Yeah...it never comes back to prompt. Is there a plan B?
> > > > >> >
> > > > >> > On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari <
> > > > kayyag...@apache.org>
> > > > >> > wrote:
> > > > >> >
> > > > >> > > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
> > > > >> > ezsra.mcdon...@gmail.com
> > > > >> > > >
> > > > >> > > wrote:
> > > > >> > >
> > > > >> > > > Does it matter that the ADS servers are in Multi-Master
> > setup?
> > > > >> > > >
> > > > >> > > no, the change should be propagated to the other nodes after
> > > > starting
> > > > >> the
> > > > >> > > node on which the
> > > > >> > > password was changed.
> > > > >> > >
> > > > >> > > And if you used this password on other nodes to connect to the
> > > > updated
> > > > >> > node
> > > > >> > > then you need to
> > > > >> > > login to the other nodes and change the old password in
> > > replication
> > > > >> > > configurations
> > > > >> > >
> > > > >> > > >
> > > > >> > > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
> > > > >> > > ezsra.mcdon...@gmail.com
> > > > >> > > > >
> > > > >> > > > wrote:
> > > > >> > > >
> > > > >> > > > > It did in dev as well. But prod I waited a couple minutes.
> > > When
> > > > I
> > > > >> > > > > restarted password was not changed.
> > > > >> > > > >
> > > > >> > > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
> > > > >> > kayyag...@apache.org
> > > > >> > > >
> > > > >> > > > > wrote:
> > > > >> > > > >
> > > > >> > > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
> > > > >> > > > >> ezsra.mcdon...@gmail.com>
> > > > >> > > > >> wrote:
> > > > >> > > > >>
> > > > >> > > > >> > Is there any reason why this jar would report
> > "Successfully
> > > > >> > modified
> > > > >> > > > >> > password" but not return to the shell prompt?
> > > > >> > > > >> >
> > > > >> > > > >> it might be taking a while to stop the server, but on OS
> X
> > > (my
> > > > >> > > machine)
> > > > >> > > > >> where I tested
> > > > >> > > > >> it returns immediately
> > > > >> > > > >>
> > > > >> > > > >> >
> > > > >> > > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> > > > >> > > > >> ezsra.mcdon...@gmail.com
> > > > >> > > > >> > >
> > > > >> > > > >> > wrote:
> > > > >> > > > >> >
> > > > >> > > > >> > > I was wrong.

Re: Get all attributes

2015-09-18 Thread Syed Mudassir Ahmed

Ping!! Can someone help?

Sent from my iPad

> On 18-Sep-2015, at 11:06 PM, Syed Mudassir Ahmed  wrote:
> 
> Hi Everybody,
>  I am using plain java coding (Apache directory API)  This is the problem I 
> am facing.
>  I am able to connect to Windows Active Directory.  I am able to lookup an 
> object and get the attributes.
>  Suppose an entry has 'm' attributes out of which 'n' attributes are assigned 
> values.  The remaining attributes are simply unassigned.
>  When I do search or lookup operation, I am getting only 'n' attributes 
> listed.  I need the reamining (m-n) attributes as well.
>  Anyone can help how to that?  How are you fetching it?
> 
> Sent from my iPad

Re: Question about fetching attributes

2015-09-18 Thread Jim Willeke

With Microsoft Active Directory it is even more complex. Microsoft Active
Directory has the concept of Statically Linked Auxiliary Classes
 along
with the combination of ObjectClasses.

There is a write up on Microsoft Active Directory Determine the Classes
Associated With an Entry

.

--
-jim
Jim Willeke

On Fri, Sep 18, 2015 at 6:39 AM, Kiran Ayyagari 
wrote:

>
>
> On Fri, Sep 18, 2015 at 7:47 PM, Syed Mudassir <
> syed.mudas...@gaianconsultants.com> wrote:
>
>> Hi Everybody,
>>   I am able to connect to Windows Active Directory.  I am able to lookup
>> an object and get the attributes.  However, this is the problem I am facing.
>>   Suppose an entry has 'm' attributes out of which 'n' attributes are
>> assigned values.  The remaining attributes are simply unassigned.
>>   When I do search or lookup operation, I am getting only 'n' attributes
>> listed.  I need the reamining (m-n) attributes as well.
>>
> you will only get the attributes that have values
>
>>   Anyone can help how to do that?
>> --
>>
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>

Re: Admin password expired

2015-09-18 Thread Kiran Ayyagari

On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald 
wrote:

> Any ideas Kiran? I tried using ldapmodify with a LDIF as below:
>
> sorry for the delay, was building a tool to change the password cause any
other means of changing
it doesn't work

please follow the below steps:

1. get the ads-passwd-reset.jar from here
https://people.apache.org/~kayyagari/ads-passwd-reset.jar
2. stop the server
3. run the command
 java -jar target/ads-passwd-reset.jar 
 

your-path-to-DS-instance :  the path to the instance you are using,
most likely it is the 'default' instance
so something
/instances/default
user-dn :  uid=admin,ou=system
 new-password :  the new password

4. after successful execution of above command start the server

If you would like to build this tool then check it out from
http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/

Let me know if you need further assistance.



> dn: uid=admin,ou=system
> changetype: modify
> replace: userPassword
> userPassword: PW_HERE_PLEASE
>
> I assume it needs more system attributes to get around this?
>
> Is there a config entry that can disable password aging that I can change
> with an editor and restart the instance?
>
>
> On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald 
> wrote:
>
> > ADS M20
> >
> > Thanks
> >
> > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari 
> > wrote:
> >
> >> which version of the server are you using?
> >>
> >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald <
> ezsra.mcdon...@gmail.com
> >> >
> >> wrote:
> >>
> >> > I am researching but if anyone can suggest a solution, it appears my
> >> > uid=admin,ou=system password expired. I did not realize the aging
> >> applied
> >> > to the admin user.
> >> >
> >> > Urgently need to resolve this issue.
> >> >
> >>
> >>
> >>
> >> --
> >> Kiran Ayyagari
> >> http://keydap.com
> >>
> >
> >
>



-- 
Kiran Ayyagari
http://keydap.com

Question about fetching attributes

2015-09-18 Thread Syed Mudassir


Hi Everybody,
  I am able to connect to Windows Active Directory.  I am able to 
lookup an object and get the attributes.  However, this is the problem I 
am facing.
  Suppose an entry has 'm' attributes out of which 'n' attributes are 
assigned values.  The remaining attributes are simply unassigned.
  When I do search or lookup operation, I am getting only 'n' 
attributes listed.  I need the reamining (m-n) attributes as well.

  Anyone can help how to do that?
--

Re: Admin password expired

2015-09-18 Thread Kiran Ayyagari

which version of the server are you using?

On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald 
wrote:

> I am researching but if anyone can suggest a solution, it appears my
> uid=admin,ou=system password expired. I did not realize the aging applied
> to the admin user.
>
> Urgently need to resolve this issue.
>



-- 
Kiran Ayyagari
http://keydap.com

Re: Question about fetching attributes

2015-09-18 Thread Kiran Ayyagari

On Fri, Sep 18, 2015 at 7:47 PM, Syed Mudassir <
syed.mudas...@gaianconsultants.com> wrote:

> Hi Everybody,
>   I am able to connect to Windows Active Directory.  I am able to lookup
> an object and get the attributes.  However, this is the problem I am facing.
>   Suppose an entry has 'm' attributes out of which 'n' attributes are
> assigned values.  The remaining attributes are simply unassigned.
>   When I do search or lookup operation, I am getting only 'n' attributes
> listed.  I need the reamining (m-n) attributes as well.
>
you will only get the attributes that have values

>   Anyone can help how to do that?
> --
>



-- 
Kiran Ayyagari
http://keydap.com

Re: Question about fetching attributes

2015-09-18 Thread Emmanuel Lécharny

Le 18/09/15 13:47, Syed Mudassir a écrit :
> Hi Everybody,
>I am able to connect to Windows Active Directory.  I am able to lookup an 
> object and get the attributes.  However, this is the problem I am facing.
>Suppose an entry has 'm' attributes out of which 'n' attributes are 
> assigned 
> values.  The remaining attributes are simply unassigned.
>When I do search or lookup operation, I am getting only 'n' attributes 
> listed.  I need the reamining (m-n) attributes as well.
>Anyone can help how to do that?

The list of attributes that an entry can contain is available in the
combinaison of ObjectClasses this entry is subject to. Two things though :
- ObjectClasses can inherit from some other ObjectClasses, and those
parent ObjectClasses may not be present in teh Entry. You will have to
know about them on the client side
- if one of the ObjectClass is extensibleObject, then the entry may
contain *any* attribute, even some that the server does not support.

In any case, your client application must have some knowledge about your
LDAP server schema.

Otherwise, any reason you need to know which are the missing attributes ?

Admin password expired

2015-09-18 Thread Ezsra McDonald

I am researching but if anyone can suggest a solution, it appears my
uid=admin,ou=system password expired. I did not realize the aging applied
to the admin user.

Urgently need to resolve this issue.

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

ADS M20

Thanks

On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari 
wrote:

> which version of the server are you using?
>
> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald 
> wrote:
>
> > I am researching but if anyone can suggest a solution, it appears my
> > uid=admin,ou=system password expired. I did not realize the aging applied
> > to the admin user.
> >
> > Urgently need to resolve this issue.
> >
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

Stopping all the instances allowed the jar to exit back to shell, but it
still says the password is expired when I start the instance and try to
login.

On Fri, Sep 18, 2015 at 11:28 AM, Kiran Ayyagari 
wrote:

> try stopping all nodes, and run this command on one of them and restart
> both
>
> On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald  >
> wrote:
>
> > Yeah...it never comes back to prompt. Is there a plan B?
> >
> > On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari 
> > wrote:
> >
> > > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
> > ezsra.mcdon...@gmail.com
> > > >
> > > wrote:
> > >
> > > > Does it matter that the ADS servers are in Multi-Master  setup?
> > > >
> > > no, the change should be propagated to the other nodes after starting
> the
> > > node on which the
> > > password was changed.
> > >
> > > And if you used this password on other nodes to connect to the updated
> > node
> > > then you need to
> > > login to the other nodes and change the old password in replication
> > > configurations
> > >
> > > >
> > > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
> > > ezsra.mcdon...@gmail.com
> > > > >
> > > > wrote:
> > > >
> > > > > It did in dev as well. But prod I waited a couple minutes. When I
> > > > > restarted password was not changed.
> > > > >
> > > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
> > kayyag...@apache.org
> > > >
> > > > > wrote:
> > > > >
> > > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
> > > > >> ezsra.mcdon...@gmail.com>
> > > > >> wrote:
> > > > >>
> > > > >> > Is there any reason why this jar would report "Successfully
> > modified
> > > > >> > password" but not return to the shell prompt?
> > > > >> >
> > > > >> it might be taking a while to stop the server, but on OS X (my
> > > machine)
> > > > >> where I tested
> > > > >> it returns immediately
> > > > >>
> > > > >> >
> > > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> > > > >> ezsra.mcdon...@gmail.com
> > > > >> > >
> > > > >> > wrote:
> > > > >> >
> > > > >> > > I was wrong. Test loign on the wrong instance, sorry. It
> worked
> > in
> > > > >> Dev.
> > > > >> > >
> > > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
> > > > >> > ezsra.mcdon...@gmail.com
> > > > >> > > > wrote:
> > > > >> > >
> > > > >> > >> Thanks Kiran,
> > > > >> > >>
> > > > >> > >> I ran this the jar targeting my dev instance
> > > > >> > >>
> > > > >> > >> /opt/ads/var/lib/default
> > > > >> > >>
> > > > >> > >> log4j:WARN No appenders could be found for logger
> > > > >> > >> (org.apache.directory.server.ApacheDsService).
> > > > >> > >> log4j:WARN Please initialize the log4j system properly.
> > > > >> > >> log4j:WARN See
> > > > http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > > > >> > for
> > > > >> > >> more info.
> > > > >> > >>_ _    
> > > > >> > >>   / \   _ _____  ___| |__   ___|  _ \/ ___|
> > > > >> > >>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
> > > > >> > >> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
> > > > >> > >>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
> > > > >> > >>|_|
> > > > >> > >>
> > > > >> > >> Successfully modified password
> > > > >> > >>
> > > > >> > >>
> > > > >> > >> But the password was still the old password.
> > > > >> > >>
> > > > >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari <
> > > > >> kayyag...@apache.org>
> > > > >> > >> wrote:
> > > > >> > >>
> > > > >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
> > > > >> > >>> ezsra.mcdon...@gmail.com>
> > > > >> > >>> wrote:
> > > > >> > >>>
> > > > >> > >>> > Any ideas Kiran? I tried using ldapmodify with a LDIF as
> > > below:
> > > > >> > >>> >
> > > > >> > >>> > sorry for the delay, was building a tool to change the
> > > password
> > > > >> cause
> > > > >> > >>> any
> > > > >> > >>> other means of changing
> > > > >> > >>> it doesn't work
> > > > >> > >>>
> > > > >> > >>> please follow the below steps:
> > > > >> > >>>
> > > > >> > >>> 1. get the ads-passwd-reset.jar from here
> > > > >> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
> > > > >> > >>> 2. stop the server
> > > > >> > >>> 3. run the command
> > > > >> > >>>  java -jar target/ads-passwd-reset.jar
> > > > >> 
> > > > >> > >>>  
> > > > >> > >>>
> > > > >> > >>> your-path-to-DS-instance :  the path to the instance you
> > are
> > > > >> using,
> > > > >> > >>> most likely it is the 'default' instance
> > > > >> > >>> so something
> > > > >> > >>> /instances/default
> > > > >> > >>> user-dn :
> uid=admin,ou=system
> > > > >> > >>>  new-password :  the new password
> > > > >> > >>>
> > > > >> > >>> 4. after successful execution of above command start the
> > server
> > > > >> > >>>
> > > > >>

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

Is the jar resetting the password aging stuff?

On Fri, Sep 18, 2015 at 11:39 AM, Ezsra McDonald 
wrote:

> Stopping all the instances allowed the jar to exit back to shell, but it
> still says the password is expired when I start the instance and try to
> login.
>
> On Fri, Sep 18, 2015 at 11:28 AM, Kiran Ayyagari 
> wrote:
>
>> try stopping all nodes, and run this command on one of them and restart
>> both
>>
>> On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald <
>> ezsra.mcdon...@gmail.com>
>> wrote:
>>
>> > Yeah...it never comes back to prompt. Is there a plan B?
>> >
>> > On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari 
>> > wrote:
>> >
>> > > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
>> > ezsra.mcdon...@gmail.com
>> > > >
>> > > wrote:
>> > >
>> > > > Does it matter that the ADS servers are in Multi-Master  setup?
>> > > >
>> > > no, the change should be propagated to the other nodes after starting
>> the
>> > > node on which the
>> > > password was changed.
>> > >
>> > > And if you used this password on other nodes to connect to the updated
>> > node
>> > > then you need to
>> > > login to the other nodes and change the old password in replication
>> > > configurations
>> > >
>> > > >
>> > > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
>> > > ezsra.mcdon...@gmail.com
>> > > > >
>> > > > wrote:
>> > > >
>> > > > > It did in dev as well. But prod I waited a couple minutes. When I
>> > > > > restarted password was not changed.
>> > > > >
>> > > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
>> > kayyag...@apache.org
>> > > >
>> > > > > wrote:
>> > > > >
>> > > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
>> > > > >> ezsra.mcdon...@gmail.com>
>> > > > >> wrote:
>> > > > >>
>> > > > >> > Is there any reason why this jar would report "Successfully
>> > modified
>> > > > >> > password" but not return to the shell prompt?
>> > > > >> >
>> > > > >> it might be taking a while to stop the server, but on OS X (my
>> > > machine)
>> > > > >> where I tested
>> > > > >> it returns immediately
>> > > > >>
>> > > > >> >
>> > > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
>> > > > >> ezsra.mcdon...@gmail.com
>> > > > >> > >
>> > > > >> > wrote:
>> > > > >> >
>> > > > >> > > I was wrong. Test loign on the wrong instance, sorry. It
>> worked
>> > in
>> > > > >> Dev.
>> > > > >> > >
>> > > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
>> > > > >> > ezsra.mcdon...@gmail.com
>> > > > >> > > > wrote:
>> > > > >> > >
>> > > > >> > >> Thanks Kiran,
>> > > > >> > >>
>> > > > >> > >> I ran this the jar targeting my dev instance
>> > > > >> > >>
>> > > > >> > >> /opt/ads/var/lib/default
>> > > > >> > >>
>> > > > >> > >> log4j:WARN No appenders could be found for logger
>> > > > >> > >> (org.apache.directory.server.ApacheDsService).
>> > > > >> > >> log4j:WARN Please initialize the log4j system properly.
>> > > > >> > >> log4j:WARN See
>> > > > http://logging.apache.org/log4j/1.2/faq.html#noconfig
>> > > > >> > for
>> > > > >> > >> more info.
>> > > > >> > >>_ _    
>> > > > >> > >>   / \   _ _____  ___| |__   ___|  _ \/ ___|
>> > > > >> > >>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
>> > > > >> > >> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
>> > > > >> > >>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
>> > > > >> > >>|_|
>> > > > >> > >>
>> > > > >> > >> Successfully modified password
>> > > > >> > >>
>> > > > >> > >>
>> > > > >> > >> But the password was still the old password.
>> > > > >> > >>
>> > > > >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari <
>> > > > >> kayyag...@apache.org>
>> > > > >> > >> wrote:
>> > > > >> > >>
>> > > > >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
>> > > > >> > >>> ezsra.mcdon...@gmail.com>
>> > > > >> > >>> wrote:
>> > > > >> > >>>
>> > > > >> > >>> > Any ideas Kiran? I tried using ldapmodify with a LDIF as
>> > > below:
>> > > > >> > >>> >
>> > > > >> > >>> > sorry for the delay, was building a tool to change the
>> > > password
>> > > > >> cause
>> > > > >> > >>> any
>> > > > >> > >>> other means of changing
>> > > > >> > >>> it doesn't work
>> > > > >> > >>>
>> > > > >> > >>> please follow the below steps:
>> > > > >> > >>>
>> > > > >> > >>> 1. get the ads-passwd-reset.jar from here
>> > > > >> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
>> > > > >> > >>> 2. stop the server
>> > > > >> > >>> 3. run the command
>> > > > >> > >>>  java -jar target/ads-passwd-reset.jar
>> > > > >> 
>> > > > >> > >>>  
>> > > > >> > >>>
>> > > > >> > >>> your-path-to-DS-instance :  the path to the instance
>> you
>> > are
>> > > > >> using,
>> > > > >> > >>> most likely it is the 'default' instance
>> > > > >> > >>> so
>> something
>> > > > >> > >>> /instances/default

Re: Admin password expired

2015-09-18 Thread Kiran Ayyagari

On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald 
wrote:

> Does it matter that the ADS servers are in Multi-Master  setup?
>
no, the change should be propagated to the other nodes after starting the
node on which the
password was changed.

And if you used this password on other nodes to connect to the updated node
then you need to
login to the other nodes and change the old password in replication
configurations

>
> On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald  >
> wrote:
>
> > It did in dev as well. But prod I waited a couple minutes. When I
> > restarted password was not changed.
> >
> > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari 
> > wrote:
> >
> >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
> >> ezsra.mcdon...@gmail.com>
> >> wrote:
> >>
> >> > Is there any reason why this jar would report "Successfully modified
> >> > password" but not return to the shell prompt?
> >> >
> >> it might be taking a while to stop the server, but on OS X (my machine)
> >> where I tested
> >> it returns immediately
> >>
> >> >
> >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> >> ezsra.mcdon...@gmail.com
> >> > >
> >> > wrote:
> >> >
> >> > > I was wrong. Test loign on the wrong instance, sorry. It worked in
> >> Dev.
> >> > >
> >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
> >> > ezsra.mcdon...@gmail.com
> >> > > > wrote:
> >> > >
> >> > >> Thanks Kiran,
> >> > >>
> >> > >> I ran this the jar targeting my dev instance
> >> > >>
> >> > >> /opt/ads/var/lib/default
> >> > >>
> >> > >> log4j:WARN No appenders could be found for logger
> >> > >> (org.apache.directory.server.ApacheDsService).
> >> > >> log4j:WARN Please initialize the log4j system properly.
> >> > >> log4j:WARN See
> http://logging.apache.org/log4j/1.2/faq.html#noconfig
> >> > for
> >> > >> more info.
> >> > >>_ _    
> >> > >>   / \   _ _____  ___| |__   ___|  _ \/ ___|
> >> > >>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
> >> > >> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
> >> > >>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
> >> > >>|_|
> >> > >>
> >> > >> Successfully modified password
> >> > >>
> >> > >>
> >> > >> But the password was still the old password.
> >> > >>
> >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari <
> >> kayyag...@apache.org>
> >> > >> wrote:
> >> > >>
> >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
> >> > >>> ezsra.mcdon...@gmail.com>
> >> > >>> wrote:
> >> > >>>
> >> > >>> > Any ideas Kiran? I tried using ldapmodify with a LDIF as below:
> >> > >>> >
> >> > >>> > sorry for the delay, was building a tool to change the password
> >> cause
> >> > >>> any
> >> > >>> other means of changing
> >> > >>> it doesn't work
> >> > >>>
> >> > >>> please follow the below steps:
> >> > >>>
> >> > >>> 1. get the ads-passwd-reset.jar from here
> >> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
> >> > >>> 2. stop the server
> >> > >>> 3. run the command
> >> > >>>  java -jar target/ads-passwd-reset.jar
> >> 
> >> > >>>  
> >> > >>>
> >> > >>> your-path-to-DS-instance :  the path to the instance you are
> >> using,
> >> > >>> most likely it is the 'default' instance
> >> > >>> so something
> >> > >>> /instances/default
> >> > >>> user-dn :  uid=admin,ou=system
> >> > >>>  new-password :  the new password
> >> > >>>
> >> > >>> 4. after successful execution of above command start the server
> >> > >>>
> >> > >>> If you would like to build this tool then check it out from
> >> > >>>
> >> >
> >>
> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
> >> > >>>
> >> > >>> Let me know if you need further assistance.
> >> > >>>
> >> > >>>
> >> > >>>
> >> > >>> > dn: uid=admin,ou=system
> >> > >>> > changetype: modify
> >> > >>> > replace: userPassword
> >> > >>> > userPassword: PW_HERE_PLEASE
> >> > >>> >
> >> > >>> > I assume it needs more system attributes to get around this?
> >> > >>> >
> >> > >>> > Is there a config entry that can disable password aging that I
> can
> >> > >>> change
> >> > >>> > with an editor and restart the instance?
> >> > >>> >
> >> > >>> >
> >> > >>> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald <
> >> > >>> ezsra.mcdon...@gmail.com>
> >> > >>> > wrote:
> >> > >>> >
> >> > >>> > > ADS M20
> >> > >>> > >
> >> > >>> > > Thanks
> >> > >>> > >
> >> > >>> > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari <
> >> > >>> kayyag...@apache.org>
> >> > >>> > > wrote:
> >> > >>> > >
> >> > >>> > >> which version of the server are you using?
> >> > >>> > >>
> >> > >>> > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald <
> >> > >>> > ezsra.mcdon...@gmail.com
> >> > >>> > >> >
> >> > >>> > >> wrote:
> >> > >>> > >>
> >> > >>> > >> > I am

Re: Admin password expired

2015-09-18 Thread Kiran Ayyagari

try stopping all nodes, and run this command on one of them and restart both

On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald 
wrote:

> Yeah...it never comes back to prompt. Is there a plan B?
>
> On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari 
> wrote:
>
> > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
> ezsra.mcdon...@gmail.com
> > >
> > wrote:
> >
> > > Does it matter that the ADS servers are in Multi-Master  setup?
> > >
> > no, the change should be propagated to the other nodes after starting the
> > node on which the
> > password was changed.
> >
> > And if you used this password on other nodes to connect to the updated
> node
> > then you need to
> > login to the other nodes and change the old password in replication
> > configurations
> >
> > >
> > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
> > ezsra.mcdon...@gmail.com
> > > >
> > > wrote:
> > >
> > > > It did in dev as well. But prod I waited a couple minutes. When I
> > > > restarted password was not changed.
> > > >
> > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
> kayyag...@apache.org
> > >
> > > > wrote:
> > > >
> > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
> > > >> ezsra.mcdon...@gmail.com>
> > > >> wrote:
> > > >>
> > > >> > Is there any reason why this jar would report "Successfully
> modified
> > > >> > password" but not return to the shell prompt?
> > > >> >
> > > >> it might be taking a while to stop the server, but on OS X (my
> > machine)
> > > >> where I tested
> > > >> it returns immediately
> > > >>
> > > >> >
> > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> > > >> ezsra.mcdon...@gmail.com
> > > >> > >
> > > >> > wrote:
> > > >> >
> > > >> > > I was wrong. Test loign on the wrong instance, sorry. It worked
> in
> > > >> Dev.
> > > >> > >
> > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
> > > >> > ezsra.mcdon...@gmail.com
> > > >> > > > wrote:
> > > >> > >
> > > >> > >> Thanks Kiran,
> > > >> > >>
> > > >> > >> I ran this the jar targeting my dev instance
> > > >> > >>
> > > >> > >> /opt/ads/var/lib/default
> > > >> > >>
> > > >> > >> log4j:WARN No appenders could be found for logger
> > > >> > >> (org.apache.directory.server.ApacheDsService).
> > > >> > >> log4j:WARN Please initialize the log4j system properly.
> > > >> > >> log4j:WARN See
> > > http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > > >> > for
> > > >> > >> more info.
> > > >> > >>_ _    
> > > >> > >>   / \   _ _____  ___| |__   ___|  _ \/ ___|
> > > >> > >>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
> > > >> > >> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
> > > >> > >>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
> > > >> > >>|_|
> > > >> > >>
> > > >> > >> Successfully modified password
> > > >> > >>
> > > >> > >>
> > > >> > >> But the password was still the old password.
> > > >> > >>
> > > >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari <
> > > >> kayyag...@apache.org>
> > > >> > >> wrote:
> > > >> > >>
> > > >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
> > > >> > >>> ezsra.mcdon...@gmail.com>
> > > >> > >>> wrote:
> > > >> > >>>
> > > >> > >>> > Any ideas Kiran? I tried using ldapmodify with a LDIF as
> > below:
> > > >> > >>> >
> > > >> > >>> > sorry for the delay, was building a tool to change the
> > password
> > > >> cause
> > > >> > >>> any
> > > >> > >>> other means of changing
> > > >> > >>> it doesn't work
> > > >> > >>>
> > > >> > >>> please follow the below steps:
> > > >> > >>>
> > > >> > >>> 1. get the ads-passwd-reset.jar from here
> > > >> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
> > > >> > >>> 2. stop the server
> > > >> > >>> 3. run the command
> > > >> > >>>  java -jar target/ads-passwd-reset.jar
> > > >> 
> > > >> > >>>  
> > > >> > >>>
> > > >> > >>> your-path-to-DS-instance :  the path to the instance you
> are
> > > >> using,
> > > >> > >>> most likely it is the 'default' instance
> > > >> > >>> so something
> > > >> > >>> /instances/default
> > > >> > >>> user-dn :  uid=admin,ou=system
> > > >> > >>>  new-password :  the new password
> > > >> > >>>
> > > >> > >>> 4. after successful execution of above command start the
> server
> > > >> > >>>
> > > >> > >>> If you would like to build this tool then check it out from
> > > >> > >>>
> > > >> >
> > > >>
> > >
> >
> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
> > > >> > >>>
> > > >> > >>> Let me know if you need further assistance.
> > > >> > >>>
> > > >> > >>>
> > > >> > >>>
> > > >> > >>> > dn: uid=admin,ou=system
> > > >> > >>> > changetype: modify
> > > >> > >>> > replace: userPassword
> > > >> > >>> > userPassword: PW_HERE_PLEASE
> > > >> > >>> >
> > > >> > >>> > I

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

Is there any reason why this jar would report "Successfully modified
password" but not return to the shell prompt?

On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald 
wrote:

> I was wrong. Test loign on the wrong instance, sorry. It worked in Dev.
>
> On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald  > wrote:
>
>> Thanks Kiran,
>>
>> I ran this the jar targeting my dev instance
>>
>> /opt/ads/var/lib/default
>>
>> log4j:WARN No appenders could be found for logger
>> (org.apache.directory.server.ApacheDsService).
>> log4j:WARN Please initialize the log4j system properly.
>> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for
>> more info.
>>_ _    
>>   / \   _ _____  ___| |__   ___|  _ \/ ___|
>>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
>> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
>>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
>>|_|
>>
>> Successfully modified password
>>
>>
>> But the password was still the old password.
>>
>> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari 
>> wrote:
>>
>>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
>>> ezsra.mcdon...@gmail.com>
>>> wrote:
>>>
>>> > Any ideas Kiran? I tried using ldapmodify with a LDIF as below:
>>> >
>>> > sorry for the delay, was building a tool to change the password cause
>>> any
>>> other means of changing
>>> it doesn't work
>>>
>>> please follow the below steps:
>>>
>>> 1. get the ads-passwd-reset.jar from here
>>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
>>> 2. stop the server
>>> 3. run the command
>>>  java -jar target/ads-passwd-reset.jar 
>>>  
>>>
>>> your-path-to-DS-instance :  the path to the instance you are using,
>>> most likely it is the 'default' instance
>>> so something
>>> /instances/default
>>> user-dn :  uid=admin,ou=system
>>>  new-password :  the new password
>>>
>>> 4. after successful execution of above command start the server
>>>
>>> If you would like to build this tool then check it out from
>>> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
>>>
>>> Let me know if you need further assistance.
>>>
>>>
>>>
>>> > dn: uid=admin,ou=system
>>> > changetype: modify
>>> > replace: userPassword
>>> > userPassword: PW_HERE_PLEASE
>>> >
>>> > I assume it needs more system attributes to get around this?
>>> >
>>> > Is there a config entry that can disable password aging that I can
>>> change
>>> > with an editor and restart the instance?
>>> >
>>> >
>>> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald <
>>> ezsra.mcdon...@gmail.com>
>>> > wrote:
>>> >
>>> > > ADS M20
>>> > >
>>> > > Thanks
>>> > >
>>> > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari <
>>> kayyag...@apache.org>
>>> > > wrote:
>>> > >
>>> > >> which version of the server are you using?
>>> > >>
>>> > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald <
>>> > ezsra.mcdon...@gmail.com
>>> > >> >
>>> > >> wrote:
>>> > >>
>>> > >> > I am researching but if anyone can suggest a solution, it appears
>>> my
>>> > >> > uid=admin,ou=system password expired. I did not realize the aging
>>> > >> applied
>>> > >> > to the admin user.
>>> > >> >
>>> > >> > Urgently need to resolve this issue.
>>> > >> >
>>> > >>
>>> > >>
>>> > >>
>>> > >> --
>>> > >> Kiran Ayyagari
>>> > >> http://keydap.com
>>> > >>
>>> > >
>>> > >
>>> >
>>>
>>>
>>>
>>> --
>>> Kiran Ayyagari
>>> http://keydap.com
>>>
>>
>>
>

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

Thanks Kiran,

I ran this the jar targeting my dev instance

/opt/ads/var/lib/default

log4j:WARN No appenders could be found for logger
(org.apache.directory.server.ApacheDsService).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for
more info.
   _ _    
  / \   _ _____  ___| |__   ___|  _ \/ ___|
 / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
/ ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
   /_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
   |_|

Successfully modified password


But the password was still the old password.

On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari 
wrote:

> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald  >
> wrote:
>
> > Any ideas Kiran? I tried using ldapmodify with a LDIF as below:
> >
> > sorry for the delay, was building a tool to change the password cause any
> other means of changing
> it doesn't work
>
> please follow the below steps:
>
> 1. get the ads-passwd-reset.jar from here
> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
> 2. stop the server
> 3. run the command
>  java -jar target/ads-passwd-reset.jar 
>  
>
> your-path-to-DS-instance :  the path to the instance you are using,
> most likely it is the 'default' instance
> so something
> /instances/default
> user-dn :  uid=admin,ou=system
>  new-password :  the new password
>
> 4. after successful execution of above command start the server
>
> If you would like to build this tool then check it out from
> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
>
> Let me know if you need further assistance.
>
>
>
> > dn: uid=admin,ou=system
> > changetype: modify
> > replace: userPassword
> > userPassword: PW_HERE_PLEASE
> >
> > I assume it needs more system attributes to get around this?
> >
> > Is there a config entry that can disable password aging that I can change
> > with an editor and restart the instance?
> >
> >
> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald <
> ezsra.mcdon...@gmail.com>
> > wrote:
> >
> > > ADS M20
> > >
> > > Thanks
> > >
> > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari 
> > > wrote:
> > >
> > >> which version of the server are you using?
> > >>
> > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald <
> > ezsra.mcdon...@gmail.com
> > >> >
> > >> wrote:
> > >>
> > >> > I am researching but if anyone can suggest a solution, it appears my
> > >> > uid=admin,ou=system password expired. I did not realize the aging
> > >> applied
> > >> > to the admin user.
> > >> >
> > >> > Urgently need to resolve this issue.
> > >> >
> > >>
> > >>
> > >>
> > >> --
> > >> Kiran Ayyagari
> > >> http://keydap.com
> > >>
> > >
> > >
> >
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

It did in dev as well. But prod I waited a couple minutes. When I restarted
password was not changed.

On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari 
wrote:

> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald  >
> wrote:
>
> > Is there any reason why this jar would report "Successfully modified
> > password" but not return to the shell prompt?
> >
> it might be taking a while to stop the server, but on OS X (my machine)
> where I tested
> it returns immediately
>
> >
> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> ezsra.mcdon...@gmail.com
> > >
> > wrote:
> >
> > > I was wrong. Test loign on the wrong instance, sorry. It worked in Dev.
> > >
> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
> > ezsra.mcdon...@gmail.com
> > > > wrote:
> > >
> > >> Thanks Kiran,
> > >>
> > >> I ran this the jar targeting my dev instance
> > >>
> > >> /opt/ads/var/lib/default
> > >>
> > >> log4j:WARN No appenders could be found for logger
> > >> (org.apache.directory.server.ApacheDsService).
> > >> log4j:WARN Please initialize the log4j system properly.
> > >> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > for
> > >> more info.
> > >>_ _    
> > >>   / \   _ _____  ___| |__   ___|  _ \/ ___|
> > >>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
> > >> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
> > >>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
> > >>|_|
> > >>
> > >> Successfully modified password
> > >>
> > >>
> > >> But the password was still the old password.
> > >>
> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari  >
> > >> wrote:
> > >>
> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
> > >>> ezsra.mcdon...@gmail.com>
> > >>> wrote:
> > >>>
> > >>> > Any ideas Kiran? I tried using ldapmodify with a LDIF as below:
> > >>> >
> > >>> > sorry for the delay, was building a tool to change the password
> cause
> > >>> any
> > >>> other means of changing
> > >>> it doesn't work
> > >>>
> > >>> please follow the below steps:
> > >>>
> > >>> 1. get the ads-passwd-reset.jar from here
> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
> > >>> 2. stop the server
> > >>> 3. run the command
> > >>>  java -jar target/ads-passwd-reset.jar 
> > >>>  
> > >>>
> > >>> your-path-to-DS-instance :  the path to the instance you are
> using,
> > >>> most likely it is the 'default' instance
> > >>> so something
> > >>> /instances/default
> > >>> user-dn :  uid=admin,ou=system
> > >>>  new-password :  the new password
> > >>>
> > >>> 4. after successful execution of above command start the server
> > >>>
> > >>> If you would like to build this tool then check it out from
> > >>>
> >
> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
> > >>>
> > >>> Let me know if you need further assistance.
> > >>>
> > >>>
> > >>>
> > >>> > dn: uid=admin,ou=system
> > >>> > changetype: modify
> > >>> > replace: userPassword
> > >>> > userPassword: PW_HERE_PLEASE
> > >>> >
> > >>> > I assume it needs more system attributes to get around this?
> > >>> >
> > >>> > Is there a config entry that can disable password aging that I can
> > >>> change
> > >>> > with an editor and restart the instance?
> > >>> >
> > >>> >
> > >>> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald <
> > >>> ezsra.mcdon...@gmail.com>
> > >>> > wrote:
> > >>> >
> > >>> > > ADS M20
> > >>> > >
> > >>> > > Thanks
> > >>> > >
> > >>> > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari <
> > >>> kayyag...@apache.org>
> > >>> > > wrote:
> > >>> > >
> > >>> > >> which version of the server are you using?
> > >>> > >>
> > >>> > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald <
> > >>> > ezsra.mcdon...@gmail.com
> > >>> > >> >
> > >>> > >> wrote:
> > >>> > >>
> > >>> > >> > I am researching but if anyone can suggest a solution, it
> > appears
> > >>> my
> > >>> > >> > uid=admin,ou=system password expired. I did not realize the
> > aging
> > >>> > >> applied
> > >>> > >> > to the admin user.
> > >>> > >> >
> > >>> > >> > Urgently need to resolve this issue.
> > >>> > >> >
> > >>> > >>
> > >>> > >>
> > >>> > >>
> > >>> > >> --
> > >>> > >> Kiran Ayyagari
> > >>> > >> http://keydap.com
> > >>> > >>
> > >>> > >
> > >>> > >
> > >>> >
> > >>>
> > >>>
> > >>>
> > >>> --
> > >>> Kiran Ayyagari
> > >>> http://keydap.com
> > >>>
> > >>
> > >>
> > >
> >
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

I executed ctrl+c and started the instance. The PW change did not get saved.

On Fri, Sep 18, 2015 at 10:42 AM, Ezsra McDonald 
wrote:

> Is there any reason why this jar would report "Successfully modified
> password" but not return to the shell prompt?
>
> On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald  > wrote:
>
>> I was wrong. Test loign on the wrong instance, sorry. It worked in Dev.
>>
>> On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
>> ezsra.mcdon...@gmail.com> wrote:
>>
>>> Thanks Kiran,
>>>
>>> I ran this the jar targeting my dev instance
>>>
>>> /opt/ads/var/lib/default
>>>
>>> log4j:WARN No appenders could be found for logger
>>> (org.apache.directory.server.ApacheDsService).
>>> log4j:WARN Please initialize the log4j system properly.
>>> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
>>> for more info.
>>>_ _    
>>>   / \   _ _____  ___| |__   ___|  _ \/ ___|
>>>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
>>> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
>>>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
>>>|_|
>>>
>>> Successfully modified password
>>>
>>>
>>> But the password was still the old password.
>>>
>>> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari 
>>> wrote:
>>>
 On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
 ezsra.mcdon...@gmail.com>
 wrote:

 > Any ideas Kiran? I tried using ldapmodify with a LDIF as below:
 >
 > sorry for the delay, was building a tool to change the password cause
 any
 other means of changing
 it doesn't work

 please follow the below steps:

 1. get the ads-passwd-reset.jar from here
 https://people.apache.org/~kayyagari/ads-passwd-reset.jar
 2. stop the server
 3. run the command
  java -jar target/ads-passwd-reset.jar 
  

 your-path-to-DS-instance :  the path to the instance you are using,
 most likely it is the 'default' instance
 so something
 /instances/default
 user-dn :  uid=admin,ou=system
  new-password :  the new password

 4. after successful execution of above command start the server

 If you would like to build this tool then check it out from

 http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/

 Let me know if you need further assistance.



 > dn: uid=admin,ou=system
 > changetype: modify
 > replace: userPassword
 > userPassword: PW_HERE_PLEASE
 >
 > I assume it needs more system attributes to get around this?
 >
 > Is there a config entry that can disable password aging that I can
 change
 > with an editor and restart the instance?
 >
 >
 > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald <
 ezsra.mcdon...@gmail.com>
 > wrote:
 >
 > > ADS M20
 > >
 > > Thanks
 > >
 > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari <
 kayyag...@apache.org>
 > > wrote:
 > >
 > >> which version of the server are you using?
 > >>
 > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald <
 > ezsra.mcdon...@gmail.com
 > >> >
 > >> wrote:
 > >>
 > >> > I am researching but if anyone can suggest a solution, it
 appears my
 > >> > uid=admin,ou=system password expired. I did not realize the aging
 > >> applied
 > >> > to the admin user.
 > >> >
 > >> > Urgently need to resolve this issue.
 > >> >
 > >>
 > >>
 > >>
 > >> --
 > >> Kiran Ayyagari
 > >> http://keydap.com
 > >>
 > >
 > >
 >



 --
 Kiran Ayyagari
 http://keydap.com

>>>
>>>
>>
>

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

Does it matter that the ADS servers are in Multi-Master  setup?

On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald 
wrote:

> It did in dev as well. But prod I waited a couple minutes. When I
> restarted password was not changed.
>
> On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari 
> wrote:
>
>> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
>> ezsra.mcdon...@gmail.com>
>> wrote:
>>
>> > Is there any reason why this jar would report "Successfully modified
>> > password" but not return to the shell prompt?
>> >
>> it might be taking a while to stop the server, but on OS X (my machine)
>> where I tested
>> it returns immediately
>>
>> >
>> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
>> ezsra.mcdon...@gmail.com
>> > >
>> > wrote:
>> >
>> > > I was wrong. Test loign on the wrong instance, sorry. It worked in
>> Dev.
>> > >
>> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
>> > ezsra.mcdon...@gmail.com
>> > > > wrote:
>> > >
>> > >> Thanks Kiran,
>> > >>
>> > >> I ran this the jar targeting my dev instance
>> > >>
>> > >> /opt/ads/var/lib/default
>> > >>
>> > >> log4j:WARN No appenders could be found for logger
>> > >> (org.apache.directory.server.ApacheDsService).
>> > >> log4j:WARN Please initialize the log4j system properly.
>> > >> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig
>> > for
>> > >> more info.
>> > >>_ _    
>> > >>   / \   _ _____  ___| |__   ___|  _ \/ ___|
>> > >>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
>> > >> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
>> > >>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
>> > >>|_|
>> > >>
>> > >> Successfully modified password
>> > >>
>> > >>
>> > >> But the password was still the old password.
>> > >>
>> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari <
>> kayyag...@apache.org>
>> > >> wrote:
>> > >>
>> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
>> > >>> ezsra.mcdon...@gmail.com>
>> > >>> wrote:
>> > >>>
>> > >>> > Any ideas Kiran? I tried using ldapmodify with a LDIF as below:
>> > >>> >
>> > >>> > sorry for the delay, was building a tool to change the password
>> cause
>> > >>> any
>> > >>> other means of changing
>> > >>> it doesn't work
>> > >>>
>> > >>> please follow the below steps:
>> > >>>
>> > >>> 1. get the ads-passwd-reset.jar from here
>> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
>> > >>> 2. stop the server
>> > >>> 3. run the command
>> > >>>  java -jar target/ads-passwd-reset.jar
>> 
>> > >>>  
>> > >>>
>> > >>> your-path-to-DS-instance :  the path to the instance you are
>> using,
>> > >>> most likely it is the 'default' instance
>> > >>> so something
>> > >>> /instances/default
>> > >>> user-dn :  uid=admin,ou=system
>> > >>>  new-password :  the new password
>> > >>>
>> > >>> 4. after successful execution of above command start the server
>> > >>>
>> > >>> If you would like to build this tool then check it out from
>> > >>>
>> >
>> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-reset/
>> > >>>
>> > >>> Let me know if you need further assistance.
>> > >>>
>> > >>>
>> > >>>
>> > >>> > dn: uid=admin,ou=system
>> > >>> > changetype: modify
>> > >>> > replace: userPassword
>> > >>> > userPassword: PW_HERE_PLEASE
>> > >>> >
>> > >>> > I assume it needs more system attributes to get around this?
>> > >>> >
>> > >>> > Is there a config entry that can disable password aging that I can
>> > >>> change
>> > >>> > with an editor and restart the instance?
>> > >>> >
>> > >>> >
>> > >>> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald <
>> > >>> ezsra.mcdon...@gmail.com>
>> > >>> > wrote:
>> > >>> >
>> > >>> > > ADS M20
>> > >>> > >
>> > >>> > > Thanks
>> > >>> > >
>> > >>> > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari <
>> > >>> kayyag...@apache.org>
>> > >>> > > wrote:
>> > >>> > >
>> > >>> > >> which version of the server are you using?
>> > >>> > >>
>> > >>> > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald <
>> > >>> > ezsra.mcdon...@gmail.com
>> > >>> > >> >
>> > >>> > >> wrote:
>> > >>> > >>
>> > >>> > >> > I am researching but if anyone can suggest a solution, it
>> > appears
>> > >>> my
>> > >>> > >> > uid=admin,ou=system password expired. I did not realize the
>> > aging
>> > >>> > >> applied
>> > >>> > >> > to the admin user.
>> > >>> > >> >
>> > >>> > >> > Urgently need to resolve this issue.
>> > >>> > >> >
>> > >>> > >>
>> > >>> > >>
>> > >>> > >>
>> > >>> > >> --
>> > >>> > >> Kiran Ayyagari
>> > >>> > >> http://keydap.com
>> > >>> > >>
>> > >>> > >
>> > >>> > >
>> > >>> >
>> > >>>
>> > >>>
>> > >>>
>> > >>> --
>> > >>> Kiran Ayyagari
>> > >>> http://keydap.com
>> > >>>
>> > >>
>> > >>
>> > >
>> >
>>
>>
>>
>> --
>> Kiran Ayyagari
>> http://keydap.com
>>
>
>

Re: Admin password expired

2015-09-18 Thread Kiran Ayyagari

On Sat, Sep 19, 2015 at 12:40 AM, Ezsra McDonald 
wrote:

> Is the jar resetting the password aging stuff?
>
ah this must be the reason, committed a change, please test with the latest
build
https://people.apache.org/~kayyagari/ads-passwd-reset.jar

>
> On Fri, Sep 18, 2015 at 11:39 AM, Ezsra McDonald  >
> wrote:
>
> > Stopping all the instances allowed the jar to exit back to shell, but it
> > still says the password is expired when I start the instance and try to
> > login.
> >
> > On Fri, Sep 18, 2015 at 11:28 AM, Kiran Ayyagari 
> > wrote:
> >
> >> try stopping all nodes, and run this command on one of them and restart
> >> both
> >>
> >> On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald <
> >> ezsra.mcdon...@gmail.com>
> >> wrote:
> >>
> >> > Yeah...it never comes back to prompt. Is there a plan B?
> >> >
> >> > On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari <
> kayyag...@apache.org>
> >> > wrote:
> >> >
> >> > > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
> >> > ezsra.mcdon...@gmail.com
> >> > > >
> >> > > wrote:
> >> > >
> >> > > > Does it matter that the ADS servers are in Multi-Master  setup?
> >> > > >
> >> > > no, the change should be propagated to the other nodes after
> starting
> >> the
> >> > > node on which the
> >> > > password was changed.
> >> > >
> >> > > And if you used this password on other nodes to connect to the
> updated
> >> > node
> >> > > then you need to
> >> > > login to the other nodes and change the old password in replication
> >> > > configurations
> >> > >
> >> > > >
> >> > > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
> >> > > ezsra.mcdon...@gmail.com
> >> > > > >
> >> > > > wrote:
> >> > > >
> >> > > > > It did in dev as well. But prod I waited a couple minutes. When
> I
> >> > > > > restarted password was not changed.
> >> > > > >
> >> > > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
> >> > kayyag...@apache.org
> >> > > >
> >> > > > > wrote:
> >> > > > >
> >> > > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
> >> > > > >> ezsra.mcdon...@gmail.com>
> >> > > > >> wrote:
> >> > > > >>
> >> > > > >> > Is there any reason why this jar would report "Successfully
> >> > modified
> >> > > > >> > password" but not return to the shell prompt?
> >> > > > >> >
> >> > > > >> it might be taking a while to stop the server, but on OS X (my
> >> > > machine)
> >> > > > >> where I tested
> >> > > > >> it returns immediately
> >> > > > >>
> >> > > > >> >
> >> > > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> >> > > > >> ezsra.mcdon...@gmail.com
> >> > > > >> > >
> >> > > > >> > wrote:
> >> > > > >> >
> >> > > > >> > > I was wrong. Test loign on the wrong instance, sorry. It
> >> worked
> >> > in
> >> > > > >> Dev.
> >> > > > >> > >
> >> > > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
> >> > > > >> > ezsra.mcdon...@gmail.com
> >> > > > >> > > > wrote:
> >> > > > >> > >
> >> > > > >> > >> Thanks Kiran,
> >> > > > >> > >>
> >> > > > >> > >> I ran this the jar targeting my dev instance
> >> > > > >> > >>
> >> > > > >> > >> /opt/ads/var/lib/default
> >> > > > >> > >>
> >> > > > >> > >> log4j:WARN No appenders could be found for logger
> >> > > > >> > >> (org.apache.directory.server.ApacheDsService).
> >> > > > >> > >> log4j:WARN Please initialize the log4j system properly.
> >> > > > >> > >> log4j:WARN See
> >> > > > http://logging.apache.org/log4j/1.2/faq.html#noconfig
> >> > > > >> > for
> >> > > > >> > >> more info.
> >> > > > >> > >>_ _    
> >> > > > >> > >>   / \   _ _____  ___| |__   ___|  _ \/ ___|
> >> > > > >> > >>  / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
> >> > > > >> > >> / ___ \| |_) | (_| | (__| | | |  __/ |_| |___) |
> >> > > > >> > >>/_/   \_\ .__/ \__,_|\___|_| |_|\___|/|/
> >> > > > >> > >>|_|
> >> > > > >> > >>
> >> > > > >> > >> Successfully modified password
> >> > > > >> > >>
> >> > > > >> > >>
> >> > > > >> > >> But the password was still the old password.
> >> > > > >> > >>
> >> > > > >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari <
> >> > > > >> kayyag...@apache.org>
> >> > > > >> > >> wrote:
> >> > > > >> > >>
> >> > > > >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald <
> >> > > > >> > >>> ezsra.mcdon...@gmail.com>
> >> > > > >> > >>> wrote:
> >> > > > >> > >>>
> >> > > > >> > >>> > Any ideas Kiran? I tried using ldapmodify with a LDIF
> as
> >> > > below:
> >> > > > >> > >>> >
> >> > > > >> > >>> > sorry for the delay, was building a tool to change the
> >> > > password
> >> > > > >> cause
> >> > > > >> > >>> any
> >> > > > >> > >>> other means of changing
> >> > > > >> > >>> it doesn't work
> >> > > > >> > >>>
> >> > > > >> > >>> please follow the below steps:
> >> > > > >> > >>>
> >> > > > >> > >>> 1. get the ads-passwd-reset.jar from here
> >> > > > >> > >>>
>

Re: Admin password expired

2015-09-18 Thread Ezsra McDonald

One server worked, the other gave this error:

Exception in thread "main" java.lang.UnsupportedClassVersionError:
org/apache/directory/server/core/api/InstanceLayout : Unsupported
major.minor version 51.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:643)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:277)
at java.net.URLClassLoader.access$000(URLClassLoader.java:73)
at java.net.URLClassLoader$1.run(URLClassLoader.java:212)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at java.lang.ClassLoader.loadClass(ClassLoader.java:323)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)
at java.lang.ClassLoader.loadClass(ClassLoader.java:268)
at org.apache.directory.PasswordResetter.main(PasswordResetter.java:57)

On Fri, Sep 18, 2015 at 12:07 PM, Kiran Ayyagari 
wrote:

> On Sat, Sep 19, 2015 at 12:40 AM, Ezsra McDonald  >
> wrote:
>
> > Is the jar resetting the password aging stuff?
> >
> ah this must be the reason, committed a change, please test with the latest
> build
> https://people.apache.org/~kayyagari/ads-passwd-reset.jar
>
> >
> > On Fri, Sep 18, 2015 at 11:39 AM, Ezsra McDonald <
> ezsra.mcdon...@gmail.com
> > >
> > wrote:
> >
> > > Stopping all the instances allowed the jar to exit back to shell, but
> it
> > > still says the password is expired when I start the instance and try to
> > > login.
> > >
> > > On Fri, Sep 18, 2015 at 11:28 AM, Kiran Ayyagari  >
> > > wrote:
> > >
> > >> try stopping all nodes, and run this command on one of them and
> restart
> > >> both
> > >>
> > >> On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald <
> > >> ezsra.mcdon...@gmail.com>
> > >> wrote:
> > >>
> > >> > Yeah...it never comes back to prompt. Is there a plan B?
> > >> >
> > >> > On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari <
> > kayyag...@apache.org>
> > >> > wrote:
> > >> >
> > >> > > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald <
> > >> > ezsra.mcdon...@gmail.com
> > >> > > >
> > >> > > wrote:
> > >> > >
> > >> > > > Does it matter that the ADS servers are in Multi-Master  setup?
> > >> > > >
> > >> > > no, the change should be propagated to the other nodes after
> > starting
> > >> the
> > >> > > node on which the
> > >> > > password was changed.
> > >> > >
> > >> > > And if you used this password on other nodes to connect to the
> > updated
> > >> > node
> > >> > > then you need to
> > >> > > login to the other nodes and change the old password in
> replication
> > >> > > configurations
> > >> > >
> > >> > > >
> > >> > > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald <
> > >> > > ezsra.mcdon...@gmail.com
> > >> > > > >
> > >> > > > wrote:
> > >> > > >
> > >> > > > > It did in dev as well. But prod I waited a couple minutes.
> When
> > I
> > >> > > > > restarted password was not changed.
> > >> > > > >
> > >> > > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari <
> > >> > kayyag...@apache.org
> > >> > > >
> > >> > > > > wrote:
> > >> > > > >
> > >> > > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald <
> > >> > > > >> ezsra.mcdon...@gmail.com>
> > >> > > > >> wrote:
> > >> > > > >>
> > >> > > > >> > Is there any reason why this jar would report "Successfully
> > >> > modified
> > >> > > > >> > password" but not return to the shell prompt?
> > >> > > > >> >
> > >> > > > >> it might be taking a while to stop the server, but on OS X
> (my
> > >> > > machine)
> > >> > > > >> where I tested
> > >> > > > >> it returns immediately
> > >> > > > >>
> > >> > > > >> >
> > >> > > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald <
> > >> > > > >> ezsra.mcdon...@gmail.com
> > >> > > > >> > >
> > >> > > > >> > wrote:
> > >> > > > >> >
> > >> > > > >> > > I was wrong. Test loign on the wrong instance, sorry. It
> > >> worked
> > >> > in
> > >> > > > >> Dev.
> > >> > > > >> > >
> > >> > > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald <
> > >> > > > >> > ezsra.mcdon...@gmail.com
> > >> > > > >> > > > wrote:
> > >> > > > >> > >
> > >> > > > >> > >> Thanks Kiran,
> > >> > > > >> > >>
> > >> > > > >> > >> I ran this the jar targeting my dev instance
> > >> > > > >> > >>
> > >> > > > >> > >> /opt/ads/var/lib/default
> > >> > > > >> > >>
> > >> > > > >> > >> log4j:WARN No appenders could be found for logger
> > >> > > > >> > >> (org.apache.directory.server.ApacheDsService).
> > >> > > > >> > >> log4j:WARN Please initialize the log4j system properly.
> > >> > > > >> > >> log4j:WARN See
> > >> > > > http://logging.apache.org/log4j/1.2/faq.html#noconfig
> > >> > > > >> > for
> > >> > > > >> > >> more info.
> > >> > > > >> > >>_ _    
> > >> > > > >> > >>   / \   _ _____  ___| |__   ___|

Get all attributes

2015-09-18 Thread Syed Mudassir Ahmed

Hi Everybody,
  I am using plain java coding (Apache directory API)  This is the problem I am 
facing.
  I am able to connect to Windows Active Directory.  I am able to lookup an 
object and get the attributes.
  Suppose an entry has 'm' attributes out of which 'n' attributes are assigned 
values.  The remaining attributes are simply unassigned.
  When I do search or lookup operation, I am getting only 'n' attributes 
listed.  I need the reamining (m-n) attributes as well.
  Anyone can help how to that?  How are you fetching it?

Sent from my iPad

Re: Admin password expired

Re: Get all attributes

Re: Question about fetching attributes

Re: Admin password expired

Question about fetching attributes

Re: Admin password expired

Re: Question about fetching attributes

Re: Question about fetching attributes

Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Re: Admin password expired

Get all attributes

22 matches

Site Navigation

Mail list logo

Footer information