kymair/ldapper.clj

## ldapper.clj
(ns ldapper.core
  (:require [clj-ldap.client :as ldap]
            [clj-message-digest.core :as cdigest])
  (:gen-class))

(def server (ldap/connect {:host "server:3997" :bind-dn "cn=Directory Manager" :password "password"}))

(def base-dn "ou=people,o=kymair.com")

(defn- hash-password
  [password]
  (str "{SHA}" (cdigest/sha-1-base64 password)))

(defn update-password
  [username new-password]
  (ldap/modify server (str "uid=" username "," base-dn) {:replace {:userPassword (hash-password new-password)}}))

(defn -main
  [username password]
  (update-password username password))

## ldapper.py
import ldap
import hashlib,base64
import sys
from time import time

server = 'ldap://server:8899'
bindUsername = 'cn=directory manager'
bindPassword = 'password'

username = sys.argv[1]
newPassword = sys.argv[2]

#The order matters!
baseDn = "ou=People,o=kymair.com"

def hash(password):
  return "{SHA}" + base64.encodestring(hashlib.sha1(str(password)).digest())

if __name__ == "__main__":
  l = ldap.initialize(server)
  l.simple_bind(bindUsername, bindPassword)

  dn = "uid=" + username + "," + baseDn;
  # Sometimes need search first, otherwise modify will fail due to "Insufficient access"
  l.search_s(dn,ldap.SCOPE_SUBTREE)

  for _ in range(10):
    l.modify_s(dn, [(ldap.MOD_REPLACE, 'userPassword',hash(time()))])
  l.modify_s(dn, [(ldap.MOD_REPLACE, 'userPassword', hash(newPassword))])

## powershell.ps1
# Download "Remote Server Administration Tools for Windows 7 with Service Pack 1 (SP1)"
# at http://www.microsoft.com/en-us/download/details.aspx?id=7887
Import-Module activedirectory
Set-ADAccountPassword -Identity wujindi -OldPassword (ConvertTo-SecureString -AsPlainText "OldPassword" -Force) -NewPassword (ConvertTo-SecureString -AsPlainText "NewPassword" -Force)
	(ns ldapper.core
	(:require [clj-ldap.client :as ldap]
	[clj-message-digest.core :as cdigest])
	(:gen-class))

	(def server (ldap/connect {:host "server:3997" :bind-dn "cn=Directory Manager" :password "password"}))

	(def base-dn "ou=people,o=kymair.com")

	(defn- hash-password
	[password]
	(str "{SHA}" (cdigest/sha-1-base64 password)))

	(defn update-password
	[username new-password]
	(ldap/modify server (str "uid=" username "," base-dn) {:replace {:userPassword (hash-password new-password)}}))

	(defn -main
	[username password]
	(update-password username password))
	import ldap
	import hashlib,base64
	import sys
	from time import time

	server = 'ldap://server:8899'
	bindUsername = 'cn=directory manager'
	bindPassword = 'password'

	username = sys.argv[1]
	newPassword = sys.argv[2]

	#The order matters!
	baseDn = "ou=People,o=kymair.com"

	def hash(password):
	return "{SHA}" + base64.encodestring(hashlib.sha1(str(password)).digest())

	if __name__ == "__main__":
	l = ldap.initialize(server)
	l.simple_bind(bindUsername, bindPassword)

	dn = "uid=" + username + "," + baseDn;
	# Sometimes need search first, otherwise modify will fail due to "Insufficient access"
	l.search_s(dn,ldap.SCOPE_SUBTREE)

	for _ in range(10):
	l.modify_s(dn, [(ldap.MOD_REPLACE, 'userPassword',hash(time()))])
	l.modify_s(dn, [(ldap.MOD_REPLACE, 'userPassword', hash(newPassword))])
	# Download "Remote Server Administration Tools for Windows 7 with Service Pack 1 (SP1)"
	# at http://www.microsoft.com/en-us/download/details.aspx?id=7887
	Import-Module activedirectory
	Set-ADAccountPassword -Identity wujindi -OldPassword (ConvertTo-SecureString -AsPlainText "OldPassword" -Force) -NewPassword (ConvertTo-SecureString -AsPlainText "NewPassword" -Force)