Quick post… note to self…

In resetting passwords for one of our customers, we have to create the necessary LDIF file (yep, system uses LDAP), and do the ldapmodify command.

Instead of creating ldif file (or editing existing) every time there is a password reset, why ‘vi’ every time when you can do a one line perl command to replace the ‘uid’ part of the LDIF file?

Example:

After checking that the password was indeed locked, we create an LDIF file like this one:

# more /tmp/ldif.txt
dn: uid=guttekg,ou=people,dc=domain,dc=domain2,dc=domain3,dc=com
changetype: modify
replace: userPassword
userPassword: R3s#tn9

and execute the ldapmodify command:

ldapmodify -D “cn=Directory Manager” -h ldap_server -f /tmp/ldif.txt

For the next password reset, we don’t have to do ‘vi’ and edit the ldif file. Simpley do:

perl -p -i -e ’s/oldstring/newstring/g’ *

.. and we’re done.. (after the ldapmodify of course)