Newsroom Update
Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
Hi,
I have taken over the maintenance of a Mac Mini server. The previous persone left the Server Admin crudentials but no information regarding LDAP Admin.
Could not find the information in the Keychain non of the known usernames and passowords work either.
Any idea how to reset the LDAP Admin password?
Thanks!
Rogier
The typical user created for managing Open DIrectory LDAP is Directory Administrator (diradmin), though it's possible to have a different user.
Launch Workgroup Manager and authenticate to the server, and have a look around for that user. (If necessary, click Accounts head-and-shoulders icon on the top, and then the other head-and-shoulders icon. This will get you to the accounts, and specifically to the users that are in Open Directory)
If you find that user, or any other users that has a checkmark for "administer this server" for that matter, then those are the passwords you'll be changing.
If Workgroup Manager shows the user as locked, click on the padlock.
(All of this assumes that you have access to Workgroup Manager through some user that can administer the Open Directory server. If not, then you'll want to ask your predecessor, or you'll be breaking into the database.)
The password is on the same display as the user accounts.
I'd strongly recommend getting a backup of everything before making any changes. Boot the DVD installation disk, and use Disk Utility from the Utilities menu to create disk images to external disks from there. Probably two copies, on two disks. Mistakes here can be bad, and you'll want to have a good copy regardless.
The typical user created for managing Open DIrectory LDAP is Directory Administrator (diradmin), though it's possible to have a different user.
Launch Workgroup Manager and authenticate to the server, and have a look around for that user. (If necessary, click Accounts head-and-shoulders icon on the top, and then the other head-and-shoulders icon. This will get you to the accounts, and specifically to the users that are in Open Directory)
If you find that user, or any other users that has a checkmark for "administer this server" for that matter, then those are the passwords you'll be changing.
If Workgroup Manager shows the user as locked, click on the padlock.
(All of this assumes that you have access to Workgroup Manager through some user that can administer the Open Directory server. If not, then you'll want to ask your predecessor, or you'll be breaking into the database.)
The password is on the same display as the user accounts.
I'd strongly recommend getting a backup of everything before making any changes. Boot the DVD installation disk, and use Disk Utility from the Utilities menu to create disk images to external disks from there. Probably two copies, on two disks. Mistakes here can be bad, and you'll want to have a good copy regardless.
Thanks for you help!!!
My problem is that I can't unlock the "padlock"...
Sounds like the account you're using doesn't have administrative rights in Open Directory. I had to do something like this to get into Workgroup Manager on a server before.
You should be able to reset the diradmin password now (or just keep logging in with the user who has administrative privileges), or maybe even add a second directory administrator as a backup plan.
Thanks for your help :-)
WIll try on Monday. I recall trying this already but not 100% sure.
From what I remember I could not add a user or group due to the fact that the pane is locked :-/
Ask the previous administrator. That's the easiest.
The following is listed as the official Apple LDAP directory administrator password reset sequence for 10.5, and AFAIK it still works on 10.6: Mac OS X Server: How to reset the Open Directory administrator password (HT1194)
Snow Leopard Server reset LDAP Admin password
