A Forum reader recently asked:
“Does anyone know an easy way to force a global password change on our NetWare 6.5 server users? It’s a single tree with SP5 on it.”
And here’s the response from Novell’s Aaron Burgemeister …
You can expire them all via LDIF. Here’s what you need to do:
1. From Linux, run the following command to export/import the LDIF:
ldapsearch -h ipAddress -p 389 -D cn=admin,dc=context,dc=goes,dc=here -x - -W objectClass=user dn > outFile.ldif
2. You’ll be prompted for a password – even if you don’t see the prompt, be sure to type it in.
cp outFile.ldif inFile.ldif
3. Modify the file here, adding the following lines to each DN line:
changetype: modify add: passwordexpirationtime passwordexpirationtime: 20070101010000Z
4. Import it back in.
ldapmodify -h ipAddress -p 389 -D cn=admin,dc=context,dc=goes,dc=here -x - -W -f ./inFile.ldif
Looking at the users, they should all have passwords expiring at 1 a.m. (UTC) New Year’s Day 2007. For modifying the LDIF you should have no problems with a decent text editor. JEdit (free, cross-platform), UltraEdit (free trial, Windows only), CoolEdit and EditPlus (free trial, Windows only) are all options. Notepad/Wordpad/word will not do what you need them to without a lot of pain and suffering, so I wouldn’t even try there unless you are a macro king/queen.