Password Recovery for Linux User Accounts

You can reset the password for a Linux user if required. The procedure depends on the class of user.

Linux System Users

This class includes the sysadmin account, and optionally other Linux system user accounts created to support a multi-admin scenario. If another Linux system account is available, you can use it to reset the password for this type of account as follows:

$ sudo passwd <user>
$ sudo chage -d 0 <user>

where <user> is the user name of the account to be reset (for example, sysadmin). The sudo passwd <user> command prompts for the new password. The chage command forces immediate expiration, so that the user must change the password at first login.

If no other Linux system user accounts have been created, you can recover using the default LDAP operator or admin accounts. For more information, see Local LDAP Linux User Accounts.

LDAP System Users

This class includes users created using LDAP utilities.

You can reset the password for an LDAP account as follows:

$ sudo ldapmodifyuser <user> replace userPassword <temp_password>
$ sudo ldapmodifyuser <user> replace shadowLastChange 0

where <user> is the username, and <temp_password> is a temporary password. The second command forces a password change on first login.
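
The following check is an added example, not part of the original procedure. It confirms that a reset left the account flagged for a forced change, which chage -d 0 and shadowLastChange 0 both do by setting the last-change value to 0. The function names and the sample records are constructed for illustration; on a live system, feed the functions the account's shadow entry or its LDIF record instead.

```shell
#!/bin/sh
# Constructed /etc/shadow-format records; the hashes are placeholders.
sample_shadow() {
cat <<'EOF'
sysadmin:$6$PLACEHOLDER$HASH:0:0:99999:7:::
operator:$6$PLACEHOLDER$HASH:19800:0:90:7:::
svc:!:19000::::::
EOF
}

# Constructed LDIF records for two LDAP users (example.com is a placeholder).
sample_ldif() {
cat <<'EOF'
dn: uid=alice,ou=People,dc=example,dc=com
uid: alice
shadowLastChange: 0

dn: uid=bob,ou=People,dc=example,dc=com
shadowLastChange: 19800
uid: bob
EOF
}

# Reads shadow-format lines on stdin. Field 3 is the last-change date;
# the value 0 means the password must be changed at the next login.
shadow_state() {
    awk -F: -v u="$1" '
        $1 == u { found = 1; print (($3 == "0") ? "forced" : "not-forced") }
        END     { if (!found) print "unknown-user" }'
}

# Reads LDIF on stdin. Attributes are collected per entry because their
# order inside an entry is not guaranteed; a blank line ends an entry.
ldif_state() {
    awk -v u="$1" '
        function flush() {
            if (uid == u) { found = 1; print ((slc == "0") ? "forced" : "not-forced") }
            uid = ""; slc = ""
        }
        /^uid: /              { uid = $2 }
        /^shadowLastChange: / { slc = $2 }
        /^$/                  { flush() }
        END { flush(); if (!found) print "unknown-user" }'
}

# Demonstration on the constructed samples.
sample_shadow | shadow_state sysadmin
sample_ldif | ldif_state bob
```

A result of not-forced after a reset means the expiry step did not take effect and the temporary password remains valid beyond the first login.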