A Forum reader recently asked:

“Does anyone know an easy way to force a global password change on our NetWare 6.5 server users? It’s a single tree with SP5 on it.”

And here’s the response from Novell’s Aaron Burgemeister …


You can expire them all via LDIF. Here’s what you need to do:

1. From Linux, run the following command to export/import the LDIF:

ldapsearch -h ipAddress -p 389 -D cn=admin,dc=context,dc=goes,dc=here -x
- -W objectClass=user dn > outFile.ldif

2. You’ll be prompted for a password – even if you don’t see the prompt, be sure to type it in.

cp outFile.ldif inFile.ldif

3. Modify the file here, adding the following lines to each DN line:

changetype: modify
add: passwordexpirationtime
passwordexpirationtime: 20070101010000Z

4. Import it back in.

ldapmodify -h ipAddress -p 389 -D cn=admin,dc=context,dc=goes,dc=here -x
- -W -f ./inFile.ldif

Looking at the users, they should all have passwords expiring at 1 a.m. (UTC) New Year’s Day 2007. For modifying the LDIF you should have no problems with a decent text editor. JEdit (free, cross-platform), UltraEdit (free trial, Windows only), CoolEdit and EditPlus (free trial, Windows only) are all options. Notepad/Wordpad/word will not do what you need them to without a lot of pain and suffering, so I wouldn’t even try there unless you are a macro king/queen.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: ab
Feb 28, 2007
5:01 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow