Setting User Passwords in eDirectory while simultaneously changing account and keychain passwords

guidotti
Contributor II

Hello, all.

We have a legacy Novell environment that controls our central Identity Management.
We're moving to Office365 (away from Lotus Notes), and are planning on going to AD in the mid to long-term for identity. In the meantime, my Mac users still have to change their passwords from a password portal running PWM Project code (with NMAS integrated for Novell support). What I was wanting to see is:

1) Has anyone attempted to write anything to do this and change local account and keychain passwords at the same time?

2) What people thought would be the best way to do this.

Our thoughts center around writing a Java applet or other front-end to initiate generic LDAP calls, and then call system utilities to sync the passwords locally.

I realize Novell is less common nowadays, and the Mac integration is nigh-non-existent.
We do use the Kanaka utility for mounting legacy fileshares, but it is not very useful for password changes.

Thanks in advance for any insight.

3 REPLIES

davidacland
Honored Contributor II

I haven't looked at eDirectory for years; is it still handled by opendirectoryd? Any chance that changing their password in System Preferences would work? (I suspect not, but just in case ;)

Keychain Minder may be an option (or at least a starting point) if you can get into the code.

I would write up a script with the security command line tool in bash, although that's just where I have more experience.

musat
Contributor III

We use the Novell Kanaka plugin that does just what you are looking for. With this, we tell users to change their password using the System Preferences / Users & Groups / Change Password button. This will change all local passwords (keychains included) along with the eDirectory Universal password.

So I am not sure what issues you are seeing with the Kanaka plugin.

martenblank
New Contributor III

We have our users changing their passwords with the Kanaka plug-in on the Macs. They need to change it this way to remain in sync with the local account keychain.