Update from SuSE Linux eMail Server II to III: Password Takeover

Support knowledgebase (hmuelle_passwortchange)
Applies to

eMail Server: Version 3

Symptom

After having updated from SuSE Linux eMail Server II to SuSE Linux eMail Server III, the users cannot login.

Cause

In very few exceptional cases a wrong crypt-salt has been generated in SuSE Linux eMail Server II. This results in passwords working only with SuSE Linux eMail Server II.

Solution

Change the password for every single user via the web configuration frontend as administrator (cyrus)

OR

use the Perl script <pwchange.pl> in order to reset the password for _ALL_ users. By doing this, a new default password identical for all users will be defined.

#! /usr/bin/perl
#
# Copyright (c) 2001 SuSE GmbH Nuernberg, Germany.  All rights reserved.
#
#
# $Id: hmuelle_passwortchange.sdb,v 1.1 2002/07/22 09:15:01 ip Exp $
#

use strict;
use POSIX;
use Net::LDAP;
use Net::LDAP::Util qw( ldap_error_text);

my $base     = "dc=domain,dc=topleveldomain";
my $rootdn   = "uid=cyrus,".$base;
my $rootpw   = "secret";
my $defpw    = "password";

my $ldap = Net::LDAP->new("localhost");
die "unable to contact LDAP server" if ! defined $ldap;

my $mesg = $ldap->bind ( dn => "$rootdn",
			 password => "$rootpw" );

die "unable to bind LDAP server: ".ldap_error_text($mesg->code) if $mesg->code != 0;

$mesg = $ldap->search( base => $base,
		       scope => "one",
		       filter=> "(&(uid=*)(&(!(uid=cyrus))(!(uid=mailadmin))))",
		       attrs=> [ "userPassword" ] );
die "unable to search LDAP server: ".ldap_error_text($mesg->code) if $mesg->count <= 0;

foreach my $e ( $mesg->all_entries ) {
    $e->replace( userpassword => "{crypt}".
		 crypt($defpw, pack("C2",(int(rand 26)+65),(int(rand 26)+65)) ));
    $e->update($ldap);
}

Unfortunately, this is the only possible procedure since the original passwords cannot be restored from the crypt.

Adapt the "inithead" to your environment before executing the script:

my $base = "dc=domain,dc=de";
my $rootdn = "uid=cyrus,".$base;
my $rootpw = "secret";
my $defpw = "password";

Execute the script as root user.

Now all users will be able to login with the default password and can subsequently change it.


See also:
o After Updating from SuSE Linux eMail Server II to III, Users or Address Books Are Missing

Keywords: IMAP3, UPDATE, PASSWORD, LOGIN

Categories: SuSE Linux IMAP Server

SDB-hmuelle_passwortchange, Copyright SuSE Linux AG, Nürnberg, Germany - Version: 22. Jul 2002
SuSE Linux AG - Last generated: 22. Jul 2002 by ip (sdb_gen 1.40.0)