How can Broadcom's LDAP server be used to change a Top Secret user's password so it is expired at first logon and to force the user to replace it with a new one?
Component: TSSLDP
With Broadcom's LDAP server you can change a Top Secret user's password and mark it as expired, just as with the native TSS commands below:
TSS REP(#acid) PASSWORD(#password,,EXP)
or, to replace the password interval as well:
TSS REP(#acid) PASSWORD(#password,15,EXP)
Use the ldapmodify command with the -f option to point to an LDIF file defined as follows:
LDIF File:
*** Top Of Data ***
dn: tssacid=myacid,tssadmingrp=acids,host=yourHost,o=ca,c=us
changetype: modify
replace: userPassword
userPassword: xxxxxxxx
-
replace: ExpireNow
ExpireNow: Y
*** End Of Data ***
If you want to change the password interval, include the following in that LDIF file:
***
-
replace: userPassword-Interval
userPassword-Interval: 15
***
Below is an example of the ldapmodify command syntax:
./ldapmodify -x -D cn=ADMIN -w ADMINPASS -v -H ldaps://xxxxxx.xxxxxxxx.com:port -ZZ -f ldiffile
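As an added example (not part of the Broadcom article), the POSIX shell function below writes the LDIF shown above, with the optional interval stanza, into an owner-only file and reads the new password from standard input so it stays out of the argument list. The function name make_expire_ldif and the sample values in the comments are hypothetical.

```shell
#!/bin/sh
# Added example, not Broadcom code. make_expire_ldif is a hypothetical helper.
# Usage: make_expire_ldif DN OUTFILE [INTERVAL] < one-line-password
# e.g.   make_expire_ldif 'tssacid=myacid,tssadmingrp=acids,host=yourHost,o=ca,c=us' ldiffile 15
# then run the ldapmodify command from the article with: -f ldiffile
make_expire_ldif() {
    dn=$1; out=$2; interval=${3:-}
    if [ -z "$dn" ] || [ -z "$out" ]; then
        echo "usage: make_expire_ldif DN OUTFILE [INTERVAL]" >&2; return 2
    fi
    # The interval, when given, must be digits only.
    case $interval in
        *[!0-9]*) echo "interval must be numeric" >&2; return 2 ;;
    esac
    # Read the password from stdin rather than from argv.
    IFS= read -r pw || [ -n "$pw" ] || { echo "no password on stdin" >&2; return 2; }
    # Plain "attr: value" LDIF cannot carry a value that is empty, begins with
    # space, ':' or '<', or ends with a space; refuse instead of writing a
    # file that would set a different password than intended.
    case $pw in
        ''|' '*|:*|'<'*|*' ') echo "password needs base64 LDIF encoding" >&2; return 2 ;;
    esac
    (
        umask 077          # the file holds a cleartext password: owner-only
        rm -f "$out"       # recreate so the umask applies to an existing name
        {
            printf 'dn: %s\n' "$dn"
            printf 'changetype: modify\n'
            printf 'replace: userPassword\n'
            printf 'userPassword: %s\n' "$pw"
            printf '%s\n' '-'
            printf 'replace: ExpireNow\n'
            printf 'ExpireNow: Y\n'
            if [ -n "$interval" ]; then
                printf '%s\n' '-'
                printf 'replace: userPassword-Interval\n'
                printf 'userPassword-Interval: %s\n' "$interval"
            fi
        } > "$out"
    )
}
```

Delete the generated file once ldapmodify has run, since it contains the new password in clear text.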