From 7bed005ac0e90eaaffb88ef630cb6a7f02798f01 Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Sat, 17 Dec 2016 21:17:23 +0100
Subject: [PATCH] [enh] include aleks script to reset ldap password

---
 bin/reset-ldap-password | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 bin/reset-ldap-password

diff --git a/bin/reset-ldap-password b/bin/reset-ldap-password
new file mode 100644
index 000000000..a96de34f4
--- /dev/null
+++ b/bin/reset-ldap-password
@@ -0,0 +1,29 @@
+# Generate new password hash
+NEW_PASSWORD_HASH=`slappasswd -h {SSHA}`
+
+# Stop slapd service...
+service slapd stop
+
+# Backup slapd.conf (to be restored at the end of script)
+cp /etc/ldap/slapd.conf /root/slapd.conf.bkp
+
+# Append lines to slapd.conf to manually define root password hash
+echo 'rootdn "cn=admin,dc=yunohost,dc=org"' >> /etc/ldap/slapd.conf
+echo "rootpw $NEW_PASSWORD_HASH" >> /etc/ldap/slapd.conf
+
+# Test conf (might not be entirely necessary though :P)
+slaptest -Q -u -f /etc/ldap/slapd.conf
+
+# Regenerate slapd.d directory
+rm -Rf /etc/ldap/slapd.d
+mkdir /etc/ldap/slapd.d
+slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
+
+# Set permissions to slapd.d
+chown -R openldap:openldap /etc/ldap/slapd.d/
+
+# Restore slapd.conf
+mv /root/slapd.conf.bkp /etc/ldap/slapd.conf
+
+# Restart slapd service
+service slapd start