Hi, is there any chance the user you're running the java command as does not have write privileges on the partition file system? I looked at the script and I'm not sure if: session.modify(dn, mod); or ads.stop() flushes changes to disk? If it's the latter and the file system is not writable then an exception might be thrown and your changes would not be persisted.
-----Original Message----- From: Ezsra McDonald [mailto:[email protected]] Sent: Friday, September 18, 2015 12:40 PM To: users Subject: Re: Admin password expired Is the jar resetting the password aging stuff? On Fri, Sep 18, 2015 at 11:39 AM, Ezsra McDonald <[email protected]> wrote: > Stopping all the instances allowed the jar to exit back to shell, but > it still says the password is expired when I start the instance and > try to login. > > On Fri, Sep 18, 2015 at 11:28 AM, Kiran Ayyagari > <[email protected]> > wrote: > >> try stopping all nodes, and run this command on one of them and >> restart both >> >> On Sat, Sep 19, 2015 at 12:27 AM, Ezsra McDonald < >> [email protected]> >> wrote: >> >> > Yeah...it never comes back to prompt. Is there a plan B? >> > >> > On Fri, Sep 18, 2015 at 11:22 AM, Kiran Ayyagari >> > <[email protected]> >> > wrote: >> > >> > > On Sat, Sep 19, 2015 at 12:11 AM, Ezsra McDonald < >> > [email protected] >> > > > >> > > wrote: >> > > >> > > > Does it matter that the ADS servers are in Multi-Master setup? >> > > > >> > > no, the change should be propagated to the other nodes after >> > > starting >> the >> > > node on which the >> > > password was changed. >> > > >> > > And if you used this password on other nodes to connect to the >> > > updated >> > node >> > > then you need to >> > > login to the other nodes and change the old password in >> > > replication configurations >> > > >> > > > >> > > > On Fri, Sep 18, 2015 at 10:51 AM, Ezsra McDonald < >> > > [email protected] >> > > > > >> > > > wrote: >> > > > >> > > > > It did in dev as well. But prod I waited a couple minutes. >> > > > > When I restarted password was not changed. >> > > > > >> > > > > On Fri, Sep 18, 2015 at 10:50 AM, Kiran Ayyagari < >> > [email protected] >> > > > >> > > > > wrote: >> > > > > >> > > > >> On Fri, Sep 18, 2015 at 11:42 PM, Ezsra McDonald < >> > > > >> [email protected]> >> > > > >> wrote: >> > > > >> >> > > > >> > Is there any reason why this jar would report >> > > > >> > "Successfully >> > modified >> > > > >> > password" but not return to the shell prompt? >> > > > >> > >> > > > >> it might be taking a while to stop the server, but on OS X >> > > > >> (my >> > > machine) >> > > > >> where I tested >> > > > >> it returns immediately >> > > > >> >> > > > >> > >> > > > >> > On Fri, Sep 18, 2015 at 10:33 AM, Ezsra McDonald < >> > > > >> [email protected] >> > > > >> > > >> > > > >> > wrote: >> > > > >> > >> > > > >> > > I was wrong. Test loign on the wrong instance, sorry. It >> worked >> > in >> > > > >> Dev. >> > > > >> > > >> > > > >> > > On Fri, Sep 18, 2015 at 10:20 AM, Ezsra McDonald < >> > > > >> > [email protected] >> > > > >> > > > wrote: >> > > > >> > > >> > > > >> > >> Thanks Kiran, >> > > > >> > >> >> > > > >> > >> I ran this the jar targeting my dev instance >> > > > >> > >> >> > > > >> > >> /opt/ads/var/lib/default >> > > > >> > >> >> > > > >> > >> log4j:WARN No appenders could be found for logger >> > > > >> > >> (org.apache.directory.server.ApacheDsService). >> > > > >> > >> log4j:WARN Please initialize the log4j system properly. >> > > > >> > >> log4j:WARN See >> > > > http://logging.apache.org/log4j/1.2/faq.html#noconfig >> > > > >> > for >> > > > >> > >> more info. >> > > > >> > >> _ _ ____ ____ >> > > > >> > >> / \ _ __ ___ ___| |__ ___| _ \/ ___| >> > > > >> > >> / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \ >> > > > >> > >> / ___ \| |_) | (_| | (__| | | | __/ |_| |___) | >> > > > >> > >> /_/ \_\ .__/ \__,_|\___|_| |_|\___|____/|____/ >> > > > >> > >> |_| >> > > > >> > >> >> > > > >> > >> Successfully modified password >> > > > >> > >> >> > > > >> > >> >> > > > >> > >> But the password was still the old password. >> > > > >> > >> >> > > > >> > >> On Fri, Sep 18, 2015 at 9:57 AM, Kiran Ayyagari < >> > > > >> [email protected]> >> > > > >> > >> wrote: >> > > > >> > >> >> > > > >> > >>> On Fri, Sep 18, 2015 at 10:37 PM, Ezsra McDonald < >> > > > >> > >>> [email protected]> >> > > > >> > >>> wrote: >> > > > >> > >>> >> > > > >> > >>> > Any ideas Kiran? I tried using ldapmodify with a >> > > > >> > >>> > LDIF as >> > > below: >> > > > >> > >>> > >> > > > >> > >>> > sorry for the delay, was building a tool to change >> > > > >> > >>> > the >> > > password >> > > > >> cause >> > > > >> > >>> any >> > > > >> > >>> other means of changing it doesn't work >> > > > >> > >>> >> > > > >> > >>> please follow the below steps: >> > > > >> > >>> >> > > > >> > >>> 1. get the ads-passwd-reset.jar from here >> > > > >> > >>> https://people.apache.org/~kayyagari/ads-passwd-reset. >> > > > >> > >>> jar >> > > > >> > >>> 2. stop the server >> > > > >> > >>> 3. run the command >> > > > >> > >>> java -jar target/ads-passwd-reset.jar >> > > > >> <your-path-to-DS-instance> >> > > > >> > >>> <user-dn> <new-password> >> > > > >> > >>> >> > > > >> > >>> your-path-to-DS-instance : the path to the >> > > > >> > >>> instance >> you >> > are >> > > > >> using, >> > > > >> > >>> most likely it is the 'default' instance >> > > > >> > >>> so >> something >> > > > >> > >>> <path-to-ds-installation>/instances/default >> > > > >> > >>> user-dn : >> uid=admin,ou=system >> > > > >> > >>> new-password : the new password >> > > > >> > >>> >> > > > >> > >>> 4. after successful execution of above command start >> > > > >> > >>> the >> > server >> > > > >> > >>> >> > > > >> > >>> If you would like to build this tool then check it out >> > > > >> > >>> from >> > > > >> > >>> >> > > > >> > >> > > > >> >> > > > >> > > >> > >> http://svn.apache.org/repos/asf/directory/sandbox/kayyagari/passwd-re >> set/ >> > > > >> > >>> >> > > > >> > >>> Let me know if you need further assistance. >> > > > >> > >>> >> > > > >> > >>> >> > > > >> > >>> >> > > > >> > >>> > dn: uid=admin,ou=system >> > > > >> > >>> > changetype: modify >> > > > >> > >>> > replace: userPassword >> > > > >> > >>> > userPassword: PW_HERE_PLEASE >> > > > >> > >>> > >> > > > >> > >>> > I assume it needs more system attributes to get >> > > > >> > >>> > around >> this? >> > > > >> > >>> > >> > > > >> > >>> > Is there a config entry that can disable password >> > > > >> > >>> > aging >> > that I >> > > > can >> > > > >> > >>> change >> > > > >> > >>> > with an editor and restart the instance? >> > > > >> > >>> > >> > > > >> > >>> > >> > > > >> > >>> > On Fri, Sep 18, 2015 at 8:51 AM, Ezsra McDonald < >> > > > >> > >>> [email protected]> >> > > > >> > >>> > wrote: >> > > > >> > >>> > >> > > > >> > >>> > > ADS M20 >> > > > >> > >>> > > >> > > > >> > >>> > > Thanks >> > > > >> > >>> > > >> > > > >> > >>> > > On Fri, Sep 18, 2015 at 8:46 AM, Kiran Ayyagari < >> > > > >> > >>> [email protected]> >> > > > >> > >>> > > wrote: >> > > > >> > >>> > > >> > > > >> > >>> > >> which version of the server are you using? >> > > > >> > >>> > >> >> > > > >> > >>> > >> On Fri, Sep 18, 2015 at 9:44 PM, Ezsra McDonald < >> > > > >> > >>> > [email protected] >> > > > >> > >>> > >> > >> > > > >> > >>> > >> wrote: >> > > > >> > >>> > >> >> > > > >> > >>> > >> > I am researching but if anyone can suggest a >> solution, >> > it >> > > > >> > appears >> > > > >> > >>> my >> > > > >> > >>> > >> > uid=admin,ou=system password expired. I did not >> realize >> > > the >> > > > >> > aging >> > > > >> > >>> > >> applied >> > > > >> > >>> > >> > to the admin user. >> > > > >> > >>> > >> > >> > > > >> > >>> > >> > Urgently need to resolve this issue. >> > > > >> > >>> > >> > >> > > > >> > >>> > >> >> > > > >> > >>> > >> >> > > > >> > >>> > >> >> > > > >> > >>> > >> -- >> > > > >> > >>> > >> Kiran Ayyagari >> > > > >> > >>> > >> http://keydap.com >> > > > >> > >>> > >> >> > > > >> > >>> > > >> > > > >> > >>> > > >> > > > >> > >>> > >> > > > >> > >>> >> > > > >> > >>> >> > > > >> > >>> >> > > > >> > >>> -- >> > > > >> > >>> Kiran Ayyagari >> > > > >> > >>> http://keydap.com >> > > > >> > >>> >> > > > >> > >> >> > > > >> > >> >> > > > >> > > >> > > > >> > >> > > > >> >> > > > >> >> > > > >> >> > > > >> -- >> > > > >> Kiran Ayyagari >> > > > >> http://keydap.com >> > > > >> >> > > > > >> > > > > >> > > > >> > > >> > > >> > > >> > > -- >> > > Kiran Ayyagari >> > > http://keydap.com >> > > >> > >> >> >> >> -- >> Kiran Ayyagari >> http://keydap.com >> > >
