Please see the Sourceforge Project site for full details and the latest news.
DS Password tools is a collection of two tools for changing or setting passwords on Mac OS X and Mac OS X Server (version 10.2.x)*. They have been designed to make use of the Open Directory (formerly Directory Services) API of OSX. The primary purpose for the existence of these tools is that by making use of this API they are compatible with the Password Server that ships with Mac OS X Server 10.2.
The two tools are designed to serve two needs. The first is to provide a tool that is easily scriptable for those wanting to offer password change routines by other means (such as a web interface). The second need is a general purpose tool for users who log into a Mac OS X host via a shell and need a means for changing passwords.
The first need is met by the stand-alone dspasswd
tool. It is very basic and does not provide much in the way of "extras". You supply username, old and new passwords, and optionally a node (if not using the local node) and it changes the password.
The second need is met by a source code patch to the standard passwd
command that comes with Mac OS X. The source code for that tool is available from Apple's Darwin project in the system_cmds package.
After deciding which tools you need, you will download the source packages from this site (and from Apple's Darwin site if you are patching the passwd program) and compile the tools. This does mean that you need to have the developer tools installed.
Download the dspasswd package from the file releases on the SourceForge project website. Launch a Terminal and cd to the directory where the file was downloaded to.
Type the following:
gnutar xzvf dspasswd-XX.tar.gz
(where XX is the version string)
cd dspasswd
pbxbuild
After the project builds, there will exist the "dspasswd" program in the "build" directory.
See the README file in source directory for usage instructions.
You will first need to download the system_cmds-230 package from Apple's Darwin site. (You should look at versions 6.0 through 6.6 of Darwin to find version 230 of this package) To do this, you will first have to sign up for an APSL registration.
Download the system_cmds-230.tar.gz file from the Darwin site.
Download the system_cmds-230.mods-XX.tar.gz file from this site into the same directory as the system_cmds-230.tar.gz file. Launch Terminal and cd into this download directory.
Type:
gnutar xzvf system_cmds-230.tar.gz
gnutar xzvf system_cmds-230.patch-XX.tar.gz
(where XX is the version string)
cd system_cmds-230
./patchandbuild
When the project finishes building, you should now find the new "passwd" tool in the "build" directory.
While dspasswd should work with all versions of Mac OS X prior to 10.3, to date it has only been tested on 10.2.x. The patch to system_cmds was created with respect to version 230, which is part of the release of Darwin equal to 10.2, so I have no guarantee that the patch will work out of the box for 10.1.x. If there is interest to qualify this for 10.1.x, please file a bug request on the Source Forge project site.
Panther and Tiger users don't need this package. The passwd program has been updated to work with the Password Server. Additionally, a new tool called pwpolicy has been introduced which encompasses most of the functionality of the dspasswd tool. For converting users from basic type to be Password Server based one can use the NeST tool with the "-convertuser" parameter.
I have chosen not to provide pre-compiled versions of the program. I do this to encourage the idea that you as a user or system administrator should be very wary of using a tool from an unknown person that will be processing passwords on your system. This is to force you to think about this and know that you have the opportunity to peruse the source code to make sure there is no trojan horse code to compromise your system.