@dicbobz
Last active August 29, 2015 14:26
User self LDAP update script
#!/usr/bin/python
# rick@drawbrid.ge
import ldap
import hashlib
import os, sys
import getpass
from base64 import encodestring as encode
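def makehash(password):
    """Return *password* as an LDAP ``{SSHA}`` (salted SHA-1) value.

    The result is ``"{SSHA}" + base64(SHA1(password + salt) + salt)`` with a
    fresh 4-byte random salt per call, so two calls with the same password
    give different strings.

    Args:
        password: the clear-text password, as a byte string or as text
            (text is encoded as UTF-8 before hashing).

    Returns:
        The scheme-prefixed hash as a native ``str`` with no trailing newline.

    NOTE(review): a single round of salted SHA-1 is cheap to brute-force if
    the directory's password hashes ever leak. Where the server supports it,
    prefer a stronger scheme or let the server pick one via the LDAP
    Password Modify extended operation, which receives the clear-text
    password over the TLS connection and hashes it server-side.
    """
    # b64encode never inserts line breaks, unlike encodestring (deprecated),
    # which needed its trailing newline trimmed by hand.
    from base64 import b64encode

    if not isinstance(password, bytes):
        password = password.encode("utf-8")

    # os.urandom draws from the OS CSPRNG, which is the right source for salt.
    salt = os.urandom(4)
    h = hashlib.sha1(password)
    h.update(salt)

    encoded = b64encode(h.digest() + salt)
    if not isinstance(encoded, str):
        # Python 3 hands back bytes; the prefix below is text.
        encoded = encoded.decode("ascii")
    return "{SSHA}" + encoded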
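def changePassword(user, ldap_pass, new_password):
    """Bind as *user* over LDAPS and replace that entry's ``userpassword``.

    Args:
        user: the uid of the account; it is escaped and placed into the DN
            ``uid=<user>,ou=users,dc=domain,dc=net``.
        ldap_pass: the account's current password, used for the simple bind.
        new_password: the value to store in ``userpassword`` (the caller in
            this file passes an already hashed ``{SSHA}`` string).

    On an empty current password or any ``ldap.LDAPError`` the error is
    printed and the process exits with status 1.
    """
    from ldap.dn import escape_dn_chars

    # The uid comes straight from a prompt: escape it so characters such as
    # ',' '+' or '=' cannot change which entry the DN points at.
    user_dn = 'uid=' + escape_dn_chars(user) + ',ou=users,dc=domain,dc=net'

    # A simple bind with an empty password is an unauthenticated bind, which
    # many servers report as success; refuse it rather than continue.
    if not ldap_pass:
        print("Current password must not be empty")
        sys.exit(1)

    if not isinstance(new_password, bytes):
        new_password = new_password.encode('utf-8')

    l = None
    try:
        # Require a server certificate that validates. The original used
        # OPT_X_TLS_NEVER, which accepts any certificate and so lets anyone
        # on the network path impersonate the server and read both the
        # current and the new password. This option is process-wide; for a
        # private CA, point ldap.OPT_X_TLS_CACERTFILE at its certificate
        # instead of turning verification off.
        ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
        l = ldap.initialize("ldaps://yoursecureldapserver:636/")
        l.set_option(ldap.OPT_REFERRALS, 0)
        l.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
        l.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND)
        # Dropped from the original:
        #  * set_option(ldap.OPT_X_TLS_DEMAND, True) - OPT_X_TLS_DEMAND is an
        #    option *value*, not an option name, so that call did not
        #    configure TLS at all.
        #  * set_option(ldap.OPT_DEBUG_LEVEL, 255) - full library tracing to
        #    stderr; NOTE(review): at that level the trace may include the
        #    bind credentials, so it should not be left on by default.
        l.simple_bind_s(user_dn, ldap_pass)
        mod_attrs = [(ldap.MOD_REPLACE, 'userpassword', [new_password])]
        l.modify_s(user_dn, mod_attrs)
        # Format inside the call so this works as a statement and a function.
        print("Password for %s changed" % user_dn)
    except ldap.LDAPError as e:
        print(e)
        sys.exit(1)
    finally:
        # Release the connection on the failure path as well; a failing
        # unbind must not mask the original error or the exit status.
        if l is not None:
            try:
                l.unbind_s()
            except ldap.LDAPError:
                pass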
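if __name__ == "__main__":
    # Interactive entry point: ask for the uid, the current password and the
    # new password twice, then store the hashed new password.
    user = raw_input("Enter your LDAP username: ")
    # getpass keeps the passwords off the terminal echo.
    ldap_pass = getpass.getpass("Enter your current LDP password: ")
    password = getpass.getpass("Please enter you new LDAP Password: ")
    password1 = getpass.getpass("...and again: ")

    if password != password1:
        print('Password do not match')
        sys.exit(1)

    # Pressing Enter twice would otherwise store the hash of an empty string
    # as the account's password.
    if not password:
        print('New password must not be empty')
        sys.exit(1)

    # NOTE(review): no length or complexity rule is applied here; that is
    # left to whatever password policy the directory server enforces.
    newpassword = makehash(password)
    changePassword(user, ldap_pass, newpassword)
    sys.exit(0)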