Using some of our new tools

Ok... Now that we have our toolbox Let's do something with it. Today we'll look at a simple solution to an everyday problem. Resetting a password.

Reset a Password
I'll assume you are running samba as well, and will need to update that password too. Keep in mind that you do not want your password to be simple, easy to guess, etc.

The easy way:
Just setting to random 25 character password

#! /usr/bin/perl

use strict;
require /path/to/subs.pl;
my $newPass = &genRandomPasswd("25");
my @hashes = genPasswdHashes($newPass);
my $managerPassword;
if ($#ARGV != 0) {
print "usage: resetPasswd.pl username \n";
exit;
}

print "Manager Password for changes:"
system('stty','-echo');
chop($managerPassword=);
system('stty','echo');
my $bindCode = &ldapBindAuth("Manager","$managerPassword");
if ($bindCode == '0'){
}else{
print "Bind Failed. Code: $bindCode";
}
my $modPasswd = &ldapModify($uid,"userPassword",$hashes[0]);
my $modLM = &ldapModify($uid,"sambaLMPassword ",$hashes[1];
my $modNT = &ldapModify($uid,"sambaNTPassword",$hashes[2];
&unbindLdap;
print New: $newPass\n";

The hard way
Basic breakdown of what we are doing:
Get the username to reset
Choose to enter a password or random or default
Get the master password
Reset the password


#!/usr/bin/perl
use strict;
require /path/to/subs.pl;

print "UID to reset password for:";
my $uid = ;
chomp $uid;
print "Use Random Password? (Y/n):";
my $randomResponse =
if ($randomResponse =~ /^[Yy]/){
$newPass = &genRandomPasswd("25");
print "New: $newPass\n";
}else{
print "Use Default Password? (Y/n):";
my $useDefault = ;
if ($useDefault =~ /^[yY]/){
$newPass = $defaultPass;
}else{
print "Enter New Password:";
system('stty','-echo');
my $newPassEntry1 = ;
system('stty','echo');
print "Enter New Password Again:";
system('stty','-echo');
my $newPasswordEntry2 = ;
system('stty','echo');
if ($newPasswordEntry1 =~ /^$newPasswordEntry2$/){
$newPass = $newPasswordEntry1'
}
}
}

my @hashes = genPasswdHashes($newPass);
my $managerPassword;
print "Manager Password for changes:"
system('stty','-echo');
chop($managerPassword=);
system('stty','echo');

my $bindCode = &ldapBindAuth("Manager","$managerPassword");
if ($bindCode == '0'){
}else{
print "Bind Failed. Code: $bindCode";
}
my $modPasswd = &ldapModify($uid,"userPassword",$hashes[0]);
my $modLM = &ldapModify($uid,"sambaLMPassword ",$hashes[1];
my $modNT = &ldapModify($uid,"sambaNTPassword",$hashes[2];
&unbindLdap;
#for debugging, enable the following line. If all is well you should get 3 zeros.
#print "$modPasswd, $modLM, $modNT \n";