2014-12-03 06:19:12 -06:00
< html >
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
< title > Reset user password< / title >
< link href = "./css/markdown.css" rel = "stylesheet" > < / head >
< / head >
< body >
< div id = "navigation" >
< a href = "http://www.iredmail.org" target = "_blank" > iRedMail web site< / a >
// < a href = "./index.html" > Document Index< / a >
< / div > < h1 id = "reset-user-password" > Reset user password< / h1 >
2015-02-01 05:22:03 -06:00
< blockquote >
< ul >
2015-02-05 06:05:07 -06:00
< li > SSHA512 is recommended for SQL backends, don't use MD5 unless you have a reason.< / li >
2015-02-01 05:22:03 -06:00
< li > BCRYPT is recommended for SQL backens on BSD systems.< / li >
< / ul >
< / blockquote >
2014-12-03 06:19:12 -06:00
< p > With MySQL or PostgreSQL backends, you can generate a password hash with
< code > openssl< / code > or < code > doveadm< / code > command first, then replace old one with this newly
generated one.< / p >
< p > For example:< / p >
< ul >
< li > Generate a salted MD5 password hash with < code > openssl< / code > (plain password is < code > 123456< / code >
in this case):< / li >
< / ul >
< pre > < code > $ openssl passwd -1 123456
$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0
< / code > < / pre >
< p > Or, generate password hash with < code > doveadm< / code > :< / p >
2015-02-01 05:22:03 -06:00
< pre > < code > $ doveadm pw -s 'ssha512' -p '123456'
{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=
2014-12-03 06:19:12 -06:00
< / code > < / pre >
< ul >
< li > Reset password for user < code > user@domain.ltd< / code > and < code > another-user@domain.ltd< / code > :< / li >
< / ul >
< pre > < code > sql> USE vmail;
sql> UPDATE mailbox SET password='$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0' WHERE username='user@domain.ltd';
2015-02-01 05:22:03 -06:00
sql> UPDATE mailbox SET password='{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY...' WHERE username='another-user@domain.ltd';
2014-12-03 06:19:12 -06:00
< / code > < / pre >
< p > With OpenLDAP backend, you can reset it with phpLDAPadmin or other LDAP client
2015-02-01 05:22:03 -06:00
tools, < code > SSHA< / code > is preferred if you have other applications to authenticate
users against OpenLDAP.< / p >
2015-02-01 05:31:17 -06:00
< p > It's ok to use plain password temporarily, then login to Roundcube webmail
or iRedAdmin-Pro (with self-service enabled) to reset password immediately.
For example:< / p >
< pre > < code > sql> UPDATE mailbox SET password='{PLAIN}123456' WHERE username='user@domain.ltd';
< / code > < / pre >
2015-02-01 05:22:03 -06:00
< h2 id = "see-also" > See also< / h2 >
< ul >
< li > < a href = "./password.hashes.html" > Password hashes used/supported by iRedMail< / a > < / li >
2015-02-05 07:02:53 -06:00
< / ul > < p style = "text-align: center; color: grey;" > Document published under a < a href = "http://creativecommons.org/licenses/by-nd/3.0/us/" target = "_blank" > CC BY-ND 3.0< / a > license. If you found something wrong, please do < a href = "http://www.iredmail.org/contact.html" > contact us< / a > to fix it.< script >
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-3293801-21', 'auto');
ga('send', 'pageview');
2014-12-03 06:19:12 -06:00
< / script >
< / body > < / html >