Appendix E. Setup password self reset schema (LAM Pro)

Please see here if you want to upgrade an existing schema version.

Schema installation

Please install the schema that comes with LAM Pro. The schema files are located in:

OpenLDAP with slapd.conf configuration

For a configuration with slapd.conf-file copy passwordSelfReset.schema to /etc/ldap/schema/ and add this line to slapd.conf:

OpenLDAP with slapd.d configuration

For slapd.d configurations you need to upload the schema file passwordSelfReset.ldif via ldapadd command:

ldapadd -x -W -H ldap://localhost -D "cn=admin,o=test,c=de" -f passwordSelfReset.ldif

Please replace "localhost" with your LDAP server and "cn=admin,o=test,c=de" with your LDAP admin user (usually starts with cn=admin or cn=manager).

In some cases you might need to import directly on the OpenLDAP server as root:

ldapadd -Y EXTERNAL -H ldapi:/// -f passwordSelfReset.ldif

389 server

Please replace INSTANCE with installation ID, e.g. slapd-389ds.

Samba 4

The schema files are passwordSelfReset-Samba4-attributes.ldif and passwordSelfReset-Samba4-objectClass.ldif.

First, you need to edit them and replace "DOMAIN_TOP_DN" with your LDAP suffix (e.g. dc=samba4,dc=test).

Then install the attribute and afterwards the object class schema file:

Windows

The schema file is passwordSelfReset-Windows.ldif.

First, you need to edit it and replace "DOMAIN_TOP_DN" with your LDAP suffix (e.g. dc=windows,dc=test).

Then install the schema file as administrator on a command line:

This allows to set a security question + answer for each account.