Catchup

roles/Password/package/ldap-resetpass

@@ -1,5 +1,6 @@
 #!/bin/bash
 
+
 uid="$1"
 
 if [ -z "$uid" ]; then
@@ -7,25 +8,33 @@ if [ -z "$uid" ]; then
     exit 1
 fi
 
+# Get the bind password
 read -sp 'cn=root,dc=aninix,dc=net Password: ' rootdnpw
+printf "\n\n"
 
-ldappasswd -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 "uid=$uid,ou=People,dc=aninix,dc=net" && \
-    ldapmodify -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 -f <(cat <<EOM
+# Update the user password
+tput setaf 1 1>&2; tput bold 1>&2;
+/usr/bin/ldappasswd -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 "uid=$uid,ou=People,dc=aninix,dc=net"
+tput sgr0
+
+# Ensure pwdReset is present
+/usr/bin/ldapmodify -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 -f <(cat <<EOM
 dn: uid=$uid,ou=People,dc=aninix,dc=net
 changetype: modify
 add: pwdReset
 pwdReset: TRUE
 
-
 EOM
 )
 
-echo 'As cn=root,cn=config...' && ldapmodify -D 'cn=root,cn=config' -W -H ldap://127.0.0.1 -f <(cat <<EOM
+# Remove pwdChangedTime for immediate update
+/usr/bin/ldapmodify -e relax -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 -f <(cat <<EOM
 dn: uid=$uid,ou=People,dc=aninix,dc=net
 changetype: modify
 delete: pwdChangedTime
 
-
 EOM
 )
+
+# Exit
 exit $?