First, run slappasswd to get the hash for the new password you want:
# slappasswd
New password:
Re-enter new password:
{SSHA}VKrYMxlSKhONGRpC6rnASKNmXG2xHXFo
Now prepare a changerootpw.ldif file with this content:
# vi changerootpw.ldif
dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}VKrYMxlSKhONGRpC6rnASKNmXG2xHXFo
Finally, run the ldapmodify command:
# ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f changerootpw.ldif
modifying entry "olcDatabase={1}mdb,cn=config"
We still have the actual cn=admin,dc=example,dc=com DN in the dc=example,dc=com database, so let’s change that too. Since this is a regular entry in this database suffix, we can use ldappasswd:
# ldappasswd -x -D cn=admin,dc=example,dc=com -W -S New password: Re-enter new password: Enter LDAP Password: <-- current password, about to be changed