On Mon, 2017-02-13 at 12:51 +0200, Todor Petkov wrote:
> On Mon, Feb 13, 2017 at 1:26 AM, William Brown <wibrown@xxxxxxxxxx> wrote:
> > Do you mind posting the ldif? Have you tried using ldapadd -f <your
> > ldif> to the server to see what that says.
> >
> > This is likely that some part of schema is being violated, so should be
> > easy to resolve :)
>
>
> Hello,
>
> seems if I give the password as:
> userpassword: {SSHA}47l/wCYK8N0DgyKl9Ax+QDQGPMbkOHJa3daALw==
>
> It gives and error, but:
> userpassword: cleartextpass
>
Unless you have nsslapd-allow-hashed-passwords: on (cn=config), you can
not provide a pre-hashed password in an ldapadd/modify operation.
I would advise that setting the cleartextpass and letting DS do the hash
and store is a better procedure, but it's up to you. If you want to
pre-create the password with pwdhash, and set allow hashed passwords, go
for it.
Hope that helps.
--
Sincerely,
William Brown
Software Engineer
Red Hat, Brisbane
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
