Kapisi/roles/Password/package/ldap-resetpass

#!/bin/bash


uid="$1"

if [ -z "$uid" ]; then
    echo "Need a user ID (uid)!"
    exit 1
fi

# Get the bind password
read -sp 'cn=root,dc=aninix,dc=net Password: ' rootdnpw
printf "\n\n"

# Update the user password
tput setaf 1 1>&2; tput bold 1>&2;
/usr/bin/ldappasswd -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 "uid=$uid,ou=People,dc=aninix,dc=net"
tput sgr0

# Ensure pwdReset is present
/usr/bin/ldapmodify -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 -f <(cat <<EOM
dn: uid=$uid,ou=People,dc=aninix,dc=net
changetype: modify
add: pwdReset
pwdReset: TRUE

EOM
)

# Remove pwdChangedTime for immediate update
/usr/bin/ldapmodify -e relax -D 'cn=root,dc=aninix,dc=net' -w "$rootdnpw" -H ldap://127.0.0.1 -f <(cat <<EOM
dn: uid=$uid,ou=People,dc=aninix,dc=net
changetype: modify
delete: pwdChangedTime

EOM
)

# Exit
exit $?