Show Table of Contents
6.5. Resetting the Directory Manager Password
Passwords are stored in the Directory Server databases and can be modified with tools like
ldapmodify and through the Directory Server Console. The Directory Manager password is stored in the Directory Server configuration files and can be viewed (if lost) and modified by editing that file. To check or reset the Directory Manager password:
- Stop the Directory Server. If the Directory Server is not stopped when the configuration files are edited, the changes are not applied.
# service dirsrv stop
- Generate a new, hashed password using
pwdhash. On Linux, the tool is in the/usr/bindirectory. For example:#
/usr/bin/pwdhash newpassword{SSHA}nbR/ZeVTwZLw6aJH6oE4obbDbL0OaeleUoT21w== - In the configuration directory, open the
dse.ldiffile. For example:# vim /etc/dirsrv/slapd-instance_name/dse.ldif
- Locate the
nsslapd-rootpwparameter.nsslapd-rootpw:
{SSHA}x03lZLMyOPaGH5VB8fcys1IV+TVNbBIOwZEYoQ==Delete the old password, and enter in the new hashed password. For example:nsslapd-rootpw:
{SSHA}nbR/ZeVTwZLw6aJH6oE4obbDbL0OaeleUoT21w== - Save the change.
- Start the Directory Server. For example:
# service dirsrv start
- When the Directory Server restarts, log into the Console again as Directory Manager, and verify that the password works.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.