
diradmin password reset

I have tried this....


You can reset the Open Directory administrator password in Mavericks without affecting user data. You might need to do this, for example, if an Open Directory administrator departs without sharing the password.

  1. On the Open Directory server, open Terminal and execute this command:
    ldapsearch -LLL -x -H ldap://127.0.0.1 -s base namingContexts
  2. In the output, look for the dc= entries, such as dc=ldap1,dc=example,dc=com. Note these entries.
  3. Log in to the server as an administrator.
  4. Open Terminal, then execute the following command. Replace the sample dc= entries with the entries you noted before. Also, if the directory administrator account's uid is not diradmin, change the command accordingly.
    sudo ldappasswd -x -H ldapi://%2Fvar%2Frun%2Fldapi -S uid=diradmin,cn=users,dc=ldap1,dc=example,dc=com
  5. Enter your administrator account password when prompted.
  6. At the "New Password:" prompt, enter the new directory administrator password you want to use. Enter it again when prompted.

but it fails with the following on Mountain Lion Server.....

New password:
Re-enter new password:
Result: Strong(er) authentication required (8)
Additional info: only authenticated users may change passwords

Posted on Mar 16, 2014 4:06 AM
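Added example, not from the thread or from Apple's documentation: it parses the LDIF that step 1's ldapsearch prints and derives the uid=diradmin,cn=users,... DN for step 4, handling LDIF line folding and base64 (::) values that the hand-copy in step 2 can trip over. The LDIF sample and the second/third naming contexts are constructed for the example.

```python
import base64
import re
from typing import Dict, List
from urllib.parse import quote

# Constructed sample of `ldapsearch -LLL -x -H ldap://127.0.0.1 -s base namingContexts`
# output: one plain value, one base64 value ("::"), and one folded line.
SAMPLE_LDIF = """\
dn:
namingContexts: dc=ldap1,dc=example,dc=com
namingContexts:: ZGM9bGRhcDIsZGM9ZXhhbXBsZSxkYz1jb20=
namingContexts: dc=a-rather-long-naming-context,dc=example,
 dc=org

"""


def parse_ldif(text: str) -> Dict[str, List[str]]:
    """Parse a single LDIF entry into attribute -> list of values."""
    # A continuation line starts with one space; join it to the line before.
    unfolded = re.sub(r"\n ", "", text)
    attrs: Dict[str, List[str]] = {}
    for line in unfolded.splitlines():
        if not line or line.startswith("#"):
            continue
        name, sep, value = line.partition(":")
        if not sep:
            continue
        if value.startswith(":"):  # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        else:
            value = value.strip()
        attrs.setdefault(name.strip(), []).append(value)
    return attrs


def admin_dns(ldif: str, uid: str = "diradmin") -> List[str]:
    """One candidate directory-admin DN per naming context; Open Directory
    keeps user records under cn=users (as in step 4's sample DN)."""
    contexts = parse_ldif(ldif).get("namingContexts", [])
    return [f"uid={uid},cn=users,{ctx}" for ctx in contexts]


def ldappasswd_argv(dn: str, sock: str = "/var/run/ldapi") -> List[str]:
    """Build step 4's command as an argv list (no shell quoting). The socket
    path is percent-encoded into the ldapi:// URL exactly as Apple's command does."""
    return ["ldappasswd", "-x", "-H", "ldapi://" + quote(sock, safe=""), "-S", dn]
```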

10 replies

May 9, 2014 11:56 AM in response to Free Tibet

I am getting the exact same error. I am trying to figure out what the heck it means. But needless to say, Apple's documentation is inaccurate.


I have done a little testing around and have tried running that set of instructions while logged in as a network server administrator (not a local account).


But now I receive the error "DNS SRV: out of memory?"


Message was edited by: twillsie

Nov 4, 2014 8:32 PM in response to Free Tibet

I have this problem too, but the Terminal instructions do not work. Directory Utility still has the slot address as 0x00000000000000000000000000000001. The Terminal process goes along as predicted with no error messages. I still cannot authenticate with diradmin + new password. I even tried an earlier version's solution:

dmin$ sudo mkpassdb -setpassword 0x00000000000000000000000000000001
Password:
usage: [-u username][-m weakmech][-a][-b][-e count][-n replica-name][-o][-p][-q]
-dump [slot-ID]
-header
-getglobalpolicy
-kerberize
-key
-list
-mergedb filepath
-mergeparent filepath omit-file
-rekeydb [key-size-in-bits]
-setadmin slot-ID [admin-class (0-7)]
-setglobalpolicy policies
-setkeyagent slot-ID
-setcomputeraccount slot-ID [off]

And the results indicate that the command mkpassdb -setpassword does not work.


Any help?

Apr 24, 2015 1:42 AM in response to Free Tibet

I managed to solve the OP's exact issue in Lion Server (10.7.5) as follows:

1. In Server.app, create a new user, with server admin privileges.

2. Launch Applications/Server/Workgroup Manager. If you get an immediate authentication prompt, log in with a local admin-level OS X account.

3. Near the top of the main window, click on the tiny globe to switch to the LDAPv3/127.0.0.1 directory domain.

4. Click on the small black lock in the circle (right side of window) to authenticate as the new user from step 1.

5. You can then navigate to the Directory Administrator (diradmin) account and successfully change the password.


Hope this helps someone.

May 9, 2015 9:26 AM in response to Free Tibet

I'm seeing this same issue on OS X Server 10.8.5 and my suspicion is that it has happened after having to restore the Open Directory database.


No program or utility is able to change any entries in the LDAP directory, and the best I can achieve is to view the entries by logging in to Workgroup Manager with the local server admin account. So I can't add another account and set it as a server administrator.


Other posts seem to suggest that the error relates to a SASL (secure) connection being required - even though part of the command listed by Apple (the -x) says not to use SASL.


Did anybody watching this thread come up with an answer? I'm thinking I might have to manually create a new Open Directory Master - in this case the number of entries I'd need to add aren't too excessive - but still a real pain.

Sep 18, 2015 12:53 PM in response to Free Tibet

I'm having the same issue exactly. I had to restore the Open Directory database after it got hosed after the last server security update. Cannot authenticate into the LDAP database as Directory Administrator and cannot change the password without the dreaded message as follows:

Password:
New password:
Re-enter new password:
Result: Strong(er) authentication required (8)
Additional info: only authenticated users may change passwords


May try logging in as ROOT and trying the same terminal commands tonight but so far nothing seems to work!
