Introduction:

LDAP Account Manager (LAM) is a web-based tool for managing users, groups, and other LDAP objects. It stores its configuration, including the LDAP admin DN and password, in a profile configuration file. If the LDAP admin password changes, LAM won’t connect to the directory until the password stored in LAM is updated as well.

Prerequisites:

Before updating the LDAP admin password in LAM, ensure the following:

  1. Administrative Access
  2. New LDAP Admin Password
  3. Installation Path
  4. Web Browser Access
  5. Server Access (for CLI)

Implementation:

Step 1: Generate a New Password Hash

$ sudo slappasswd -s <password>
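Replace <password> with your new plain-text password. A password given with -s is saved in the shell history and is visible in the process list while the command runs; running slappasswd without -s prompts for it instead.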

Step 2: Update the Password via LAM GUI

(i) Open LAM in your browser

http://your-server-ip/lam

(ii) Click “LAM configuration”

(iii) Log in with your LAM configuration password (not your LDAP password).

(iv) Navigate to:
Edit Server Settings → General settings → Profile Password and update the required password

(v) Click Save (bottom of the page).

Return to the main login screen and test the connection with the new credentials.

Step 3: Update the Password via CLI (Optional)

(i) Locate your LAM configuration file
$ cd /var/lib/ldap-account-manager/config/profiles/

(ii) Edit the configuration file
$ sudo nano default.conf

(iii) Find the line beginning with
passwd: …

(iv) Replace it with your new plain-text password
passwd: NewPasswordHere

(v) Save and exit

(vi) Restart your web service
$ sudo systemctl restart apache2
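
Steps (ii) to (v) as a script, an added example that is not part of the original article: it replaces the passwd: line with a value read from standard input, so the secret never appears on a command line, and keeps an owner-only backup. The function name update_lam_passwd and the .bak backup file are assumptions of this example; the key name and file are the ones shown above.

```shell
#!/bin/sh
# Added example, not from the original article.
# update_lam_passwd FILE : replace the "passwd:" line of a LAM profile file.
# The new value is read from stdin, so it never shows up in `ps` output or
# shell history. Key name and file layout are as shown in Step 3.
update_lam_passwd() {
    conf=$1
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }
    grep -q '^passwd:' "$conf" || { echo "no passwd: line in $conf" >&2; return 1; }

    IFS= read -r newpw || true
    [ -n "$newpw" ] || { echo "empty value refused" >&2; return 1; }

    old_umask=$(umask)
    umask 077                        # backup and temp file are owner-only
    cp "$conf" "$conf.bak" && chmod 600 "$conf.bak" || { umask "$old_umask"; return 1; }
    tmp=$(mktemp "$conf.XXXXXX") || { umask "$old_umask"; return 1; }
    umask "$old_umask"

    # Pure-shell rewrite: no sed/awk, so characters such as & / \ need no escaping.
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            passwd:*) printf 'passwd: %s\n' "$newpw" ;;
            *)        printf '%s\n' "$line" ;;
        esac
    done < "$conf" > "$tmp"

    # Overwrite in place so the owner and mode the web server relies on are kept.
    cat "$tmp" > "$conf"
    rm -f "$tmp"

    # The file holds a credential: flag it if any local user can read it.
    [ -z "$(find "$conf" -perm -004)" ] || echo "warning: $conf is world-readable" >&2
    return 0
}
```

Feed the value from a prompt or a root-only file rather than from echo with the password typed inline, and remove the .bak file once the new login has been tested.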

Now LAM will use the new LDAP admin credentials.

Conclusion:

Updating the LDAP admin password in LDAP Account Manager (LAM) ensures continued secure communication with your LDAP directory. Maintaining regular password rotations and keeping both LDAP and LAM credentials synchronised helps ensure robust directory security.
