If you have too many passwords it is difficult to remeber it but it is best practice to remember passwords. I will not suggest to write the password on any paper or share the password via email because this can lead to more serious security issues.
As a system administrator, sometimes forget the password to manage the directory service. Usually it use admin or Directory Manager’s password.
The normal user password is stored in Directory Server database and can be modified with tool such as ldapmodify and through 389 Directory Server client Console.
Directory Manager’s password stored in the directory server configuration file and can be seen (if you lose) and modified by editing the file.
If you forget the Directory Manager’s password, it’s pretty easy to reset it. You will have to edit the main server config file (dse.ldif).
In this article I will show how to check or reset the Directory Manager Password on RHEL 7 or CentOS 7.
Reset The Directory Manager Password
Follow the below steps to reset the Directory Manager Password.
1. First of all have to stop the directory service. If the server is running when the configuration file (dse.ldif) are modified, the changes will be lost and not applied.
# systemctl stop [yourinstance]
2. Now create the new password using the pwdhash command.
# /usr/bin/pwdhash yournewpassword
3. Open dse.ldif in the configuration directory.
# cd /etc/dirsrv/slapd-instancename # vi dse.ldif
4. Locate the nsslapd-rootpw parameter. Replace old directory manager password with the generated your new password in step 2 above :
5. Now save the changes and start the directory service.
# systemctl start [yourinstance]
6. Log into the Console again as Directory Manager, and verify the password.