On 03/01/2017 04:25 PM, tuan88@xxxxxxxxx wrote: > hi > > Here you are. > with those 2 pasword below I can use them to "passwd" again & Again as user "tnng" Can you paste some access log output showing these password updates? passwd could still be using Directory Manager to set the passwords. > !Ca4nn12 !H0yda23 > > [tnng@centos6 ~]$ passwd > Changing password for user tnng. > Current Password: > New password: > Retype new password: > passwd: all authentication tokens updated successfully. > [tnng@centos6 ~]$ passwd > Changing password for user tnng. > Current Password: > New password: > Retype new password: > passwd: all authentication tokens updated successfully. > [tnng@centos6 ~]$ passwd > Changing password for user tnng. > Current Password: > New password: > Retype new password: > passwd: all authentication tokens updated successfully. > [tnng@centos6 ~]$ passwd > Changing password for user tnng. > Current Password: > New password: > Retype new password: > passwd: all authentication tokens updated successfully. > [tnng@centos6 ~]$ > > [root@centos6 scripts]# ldapsearch -xLLL -ZZ -b dc=centos '(&(uid=tnng))' passwordRetryCount passwordExpWarned accountUnlockTime passwordExpirationTime passwordHistory createtimestamp modifytimestamp retryCountResetTime passwordAllowChangeTime nsRoleDN > > dn: cn=Tuan Nguyen,cn=unixtek,ou=Infrastructure,dc=centos > passwordExpWarned: 0 > passwordExpirationTime: 20170302203205Z > createtimestamp: 20170114110541Z > modifytimestamp: 20170301203205Z > > # entry-id: 60 > dn: cn=Tuan Nguyen,cn=unixtek,ou=Infrastructure,dc=centos > passwordExpWarned: 0 > passwordExpirationTime: 20170302204127Z > passwordGraceUserTime: 0 > modifyTimestamp: 20170301204127Z > modifiersName: cn=server,cn=plugins,cn=config > userPassword:: e1NTSEF9RVFlNlgva2o4cCsvdVNRZis3NDROQnJzdEx6a1EzWGN6clNTWlE9PQ= > = > loginShell: /bin/bash > uidNumber: 1234 > gidNumber: 804 > uid: tnng > objectClass: top > objectClass: posixaccount > cn: Tuan Nguyen > homeDirectory: /home/tnng > creatorsName: cn=directory manager > createTimestamp: 20170301203823Z > nsUniqueId: ffc94351-febe11e6-9d7ddec4-bc02e5f0 > > # entry-id: 61 > > enable log: > 128 Access control list processing > 2048 Log entry parsing. Logs schema parsing debugging information. > > https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Configuration_and_Command-Line_Tool_Reference/error-logs.html > > stop dirsrv > nsslapd-errorlog-level: 2176 (128+2048) (dse.ldif) > start dirsrv > > the log "errors" is attached OR at www.chezmoi.dk/div/errors > > [root@centos6 slapd-centos]# cat /etc/sssd/sssd.conf > [sssd] > config_file_version = 2 > services = nss, pam > domains = default > debug_level = 5 > debug_to_files = true > > [nss] > enum_cache_timeout = 30 > filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd > > [domain/default] > auth_provider = ldap > ldap_tls_cacertdir = /etc/openldap/cacerts > #ldap_id_use_start_tls = True > chpass_provider = ldap > ldap_search_base = dc=CENTOS > id_provider = ldap > enumerate = True > #cache_credentials = True > offline_credentials_expiration = 3 > ldap_uri = ldap://centos6.site,ldap://centos62.site > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
