From eb771005af7e608e3565a0af6f6955ab738a0233 Mon Sep 17 00:00:00 2001
From: Zhang Huangbin
Date: Tue, 11 Apr 2017 10:17:11 +0800
Subject: [PATCH] Doc clean up.
---
en_US/howto/reset.user.password.md | 19 ++++++++++++++++---
html/reset.user.password.html | 20 +++++++++++++++++---
2 files changed, 33 insertions(+), 6 deletions(-)
diff --git a/en_US/howto/reset.user.password.md b/en_US/howto/reset.user.password.md
index e26909d3..bfa4a8ed 100644
--- a/en_US/howto/reset.user.password.md
+++ b/en_US/howto/reset.user.password.md
@@ -15,19 +15,28 @@ time to reset password to prevent mail message leak.
> * BCRYPT is recommended on BSD systems.
> * MD5 is not safe, DO NOT USE IT no matter what reasons you have.
-To generate password hash for new password, please use `doveadm` command. For
-example: generate a SSHA512 password hash:
+To generate password hash for new password, please use `doveadm` command.
+
+* Generate a SSHA512 password hash:
```
$ doveadm pw -s 'ssha512' -p '123456'
{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=
```
+* Generate a BCRYPT password hash on BSD system:
+
+```
+$ doveadm pw -s 'blf-crypt' -p '123'
+{BLF-CRYPT}$2a$05$9CTW6FZtjHeK6W.2YMmzOeAj2YFvDpP4JEH0uH/YLQI81jPWDtzQW
+```
+
### SQL backends
To reset password for user `user@domain.ltd`, please login to SQL server as
either SQL root user or `vmailadmin` user (note: sql user `vmail` has read-only
-privilege to `vmail` database, so you cannot use it to change user password):
+privilege to `vmail` database, so you cannot use it to change user password),
+then execute SQL commands to reset password:
```
sql> USE vmail;
@@ -43,6 +52,10 @@ preferred.
## Reset password with scripts shipped in iRedAdmin-Pro
+!!! attention
+
+ iRedAdmin-Pro scripts support both SQL and LDAP backends.
+
### Reset password for one user
iRedAdmin-Pro ships script `tools/reset_user_password.py` to help you reset
diff --git a/html/reset.user.password.html b/html/reset.user.password.html
index 5688a16e..ef5577a1 100644
--- a/html/reset.user.password.html
+++ b/html/reset.user.password.html
@@ -52,16 +52,26 @@ time to reset password to prevent mail message leak.
MD5 is not safe, DO NOT USE IT no matter what reasons you have.
-To generate password hash for new password, please use doveadm
command. For
-example: generate a SSHA512 password hash:
+To generate password hash for new password, please use doveadm
command.
+
+- Generate a SSHA512 password hash:
+
$ doveadm pw -s 'ssha512' -p '123456'
{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=
+
+- Generate a BCRYPT password hash on BSD system:
+
+$ doveadm pw -s 'blf-crypt' -p '123'
+{BLF-CRYPT}$2a$05$9CTW6FZtjHeK6W.2YMmzOeAj2YFvDpP4JEH0uH/YLQI81jPWDtzQW
+
+
SQL backends
To reset password for user user@domain.ltd
, please login to SQL server as
either SQL root user or vmailadmin
user (note: sql user vmail
has read-only
-privilege to vmail
database, so you cannot use it to change user password):
+privilege to vmail
database, so you cannot use it to change user password),
+then execute SQL commands to reset password:
sql> USE vmail;
sql> UPDATE mailbox SET password='{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=' WHERE username='user@domain.ltd';
@@ -72,6 +82,10 @@ LDAP client tools. SSHA512
is recommended, but if you have some app
which needs to perform authentication with ldap dn directly, then SSHA
is
preferred.
Reset password with scripts shipped in iRedAdmin-Pro
+
+
Attention
+
iRedAdmin-Pro scripts support both SQL and LDAP backends.
+
Reset password for one user
iRedAdmin-Pro ships script tools/reset_user_password.py
to help you reset
one user's password. For example, on CentOS 7 (iRedAdmin is installed under