2

A colleague has just resigned. And his account is being used as a build account on our Ubuntu 16.04.6 LTS.

Is there any way to reset his password without knowing his current password? I have tried sudo passwd $HIS_USER but it asks for current his current password (not mine).

And

  • The Ubuntu is using LDAP authentication
  • I can't reboot the server into GRUB because I'm working remotely
Tuan
  • 121
  • Check your system is 16.04.6, as that would imply you're behind on security patches and fixes, as a fully upgraded system should report itself as 16.04.7 (https://fridge.ubuntu.com/2020/08/14/ubuntu-16-04-7-lts-released/ where the date shows the ISO release date, installed systems upgraded to it before that date) – guiverc Mar 05 '21 at 09:55
  • 2
    sudo passwd $HIS_USER should ask for your password to authenticate to sudo, and shouldn't ask for $HIS_USER's password (unless you're using LDAP or something like that). – muru Mar 05 '21 at 09:58
  • His account is a ldap. I can try above command for a local user, but not him. – Tuan Mar 05 '21 at 10:11
  • 2
    LDAP server -> server admin? – Hannu Mar 05 '21 at 11:41
  • You should be able to manipulate the /etc/sudoers file so that you can sudo into this user without being prompted for a password, and fully impersonate him to the system. Of course, if the user account is disabled in LDAP, you may run into issues with the other information (UID, GID, home directory) isn't available from LDAP, either. – Kevin Keane Oct 04 '23 at 06:52

1 Answers1

3

login as root or type sudo su. Then you can set a new password for user with passwd [user].

Furthermore you could copy any other encrypted password from /etc/shadow to this user.

Thomas Aichinger
  • 2,946
  • His account is a ldap. There is no /etc/shadow for him. – Tuan Mar 05 '21 at 10:10
  • Then you have to deal with ldap admin. – Thomas Aichinger Aug 09 '23 at 15:03
  • There is an almost-complete workaround to that situation. Create a new local user with a different user name, but the same UID (you will need the -o argument to useradd) and the same home directory. You can then log on with that local user name as if you were that user. There is one difference that could possibly trip up a script: the user name will not be set correctly. – Kevin Keane Oct 04 '23 at 06:49