How to change the LDAP password (OS X)

 

  • create the directory /etc/openldap/ssl (open a terminal and type: 'sudo mkdir /etc/openldap/ssl')
  • using a web browser go to ca.ist.utl.pt
  • select "Get CA certificate"
  • select "CA-certificate in format CRT" and save it (right-click and select "Save Link As...") on a directory of your choosing
  • copy the downloaded file (cacert.crt) to /etc/openldap/ssl
  • edit the file /etc/openldap/ldap.conf and add the following line:
    TLS_CACERT /etc/openldap/ssl/cacert.crt
  • run the following command (replace "sleepwalker" with your LDAP username):
    ldappasswd -H ldaps://golpweb.ist.utl.pt -x -D uid=sleepwalker,ou=epp,ou=users,dc=golp,dc=ist,dc=utl,dc=pt -S -W
  • after you run the above command you will be asked three questions, the first two you answer by typing your new password (it needs to have
    at least 12 characters from three out of the four following character classes: capital letters, lower case letters, numbers and symbols), the last question you answer by typing the password you received by email (if this is the first time you are changing your password)