Do I break YNH when resetting LDAP admin password?

Hi all,

I’m trying to get “authenticated” access to LDAP (mainly to find out whether that helps in getting access to Dolibarr)

To get authenticated access (as opposed to anonymous / read only) it is necessary to know the name of the admin account, conveniently cn=admin according to /etc/ldap/slapd.ldif as well as according to the topics I can find about LDAP.

The password supposedly is the password entered for the admin user when installing Yunohost.

I don’t have the YNH-admin user anymore (removed it a while after upgrading to YNH 11), but I do still have the password in my password manager. Only, it is not accepted.

An earlier thread gives hints on changing the admin password for Yunohost

I am afraid things will break if I change the LDAP admin password ‘without informing other apps’ of the change.

There is no “admin” password anymore. Admins are now a group, and the password is the password of whoever you are trying to authenticate with

Thanks, that is what I hoped!

That means that whenever I change the password of one of the users in the admin group, all apps relying on that user would have to change the credentials, but the changes are only expected in places where I explicitly used such credentials (there is no YNH-internal process relying on user passwords from the admin group).

With that, I can conclude that (at least on my Dolibarr) there is a mismatch that prevents credentials being checked in LDAP.