OS X Server: How to reset the Open Directory administrator password

You can reset the Open Directory administrator password without affecting user data. You might need to do this if an administrator departs without sharing their password.

Use these steps to reset the Open Directory administrator password in OS X Mavericks or later.

  1. On the Open Directory server, open Terminal and use this command:
    ldapsearch -LLL -x -H ldap://127.0.0.1 -s base namingContexts
    
  2. In the output, look for the dc= entries, such as dc=ldap1,dc=example,dc=com. Note these entries.
  3. Log in to the server as an administrator.
  4. Open Terminal, then use the following command. Replace the sample dc= entries with the entries you noted before. Also, if the directory administrator account's uid is not diradmin, change the command accordingly.
    sudo ldappasswd -x -H ldapi://%2Fvar%2Frun%2Fldapi -S uid=diradmin,cn=users,dc=ldap1,dc=example,dc=com
    
  5. Enter your administrator account password when prompted.
  6. At the "New Password:" prompt, enter the new directory administrator password you want to use. Enter it again when prompted.
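
The steps above as one script, as an added example that is not Apple's code: it parses the namingContexts output, builds the administrator DN, runs the ldappasswd command from step 4, and then checks the new password with a bind. The function names, the uid validation and the final ldapwhoami check are assumptions of this example; whether a simple bind is accepted depends on the server's configuration.

```shell
#!/bin/sh
# Added example (not Apple's script): automates the steps above.

# Print each namingContexts value from `ldapsearch -LLL` output on stdin,
# joining LDIF continuation lines (lines that start with one space).
naming_contexts() {
    awk '
        /^ / { if (have) val = val substr($0, 2); next }
        { if (have) print val; have = 0 }
        /^namingContexts: / { val = substr($0, 17); have = 1 }
        END { if (have) print val }
    '
}

# Build the DN used in step 4: uid=<uid>,cn=users,<dc= entries>.
# Fails instead of guessing if there is not exactly one dc= context.
diradmin_dn() {
    uid=${1:-diradmin}
    case $uid in
        ''|*[!A-Za-z0-9._-]*) echo "unexpected uid: $uid" >&2; return 1 ;;
    esac
    bases=$(naming_contexts | grep 'dc=' || true)
    case $bases in
        '') echo "no dc= naming context found" >&2; return 1 ;;
        *"
"*) echo "several dc= naming contexts; choose one by hand" >&2; return 1 ;;
    esac
    printf 'uid=%s,cn=users,%s\n' "$uid" "$bases"
}

reset_diradmin_password() {
    dn=$(ldapsearch -LLL -x -H ldap://127.0.0.1 -s base namingContexts |
        diradmin_dn "${1:-diradmin}") || return 1
    echo "Resetting password for: $dn"
    # -S prompts for the new password, keeping it out of shell history.
    sudo ldappasswd -x -H ldapi://%2Fvar%2Frun%2Fldapi -S "$dn" || return 1
    # Assumed check: simple bind as the administrator; -W prompts.
    ldapwhoami -x -H ldap://127.0.0.1 -D "$dn" -W
}

# Run only on request, e.g.: sh reset-diradmin.sh --run diradmin
if [ "${1:-}" = "--run" ]; then
    reset_diradmin_password "${2:-diradmin}"
fi
```

Print the DN and confirm it names the intended account before entering a new password; the script stops if the server reports more than one dc= context.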