Hi,
What do you mean by : enable password-migration mode? can you elaborate, where do I have to enable it? on the master on the slave?
In my previous post I did test changing the password using both clear an pre-hashed password, and it didn't work.
2) Modify userPassword from the slave using clear text password
ldapmodify -h localhost -p 389 -D "uid=lnadmin,ou=special users,dc=example,dc=com" -w pass -x <<EOF
dn: uid=adam,ou=people,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: password
EOF
modifying entry "uid=adam,ou=people,dc=example,dc=com"
ldap_modify: Constraint violation (19)
additional info: database configuration error - please contact the system administrator
ldapmodify -h localhost -p 389 -D "uid=lnadmin,ou=special users,dc=example,dc=com" -w pass -x <<EOF
dn: uid=adam,ou=people,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: password
EOF
modifying entry "uid=adam,ou=people,dc=example,dc=com"
ldap_modify: Constraint violation (19)
additional info: database configuration error - please contact the system administrator
3) Modify userPassword from the slave using encrypted password
ldapmodify -h localhost -p 389 -D "uid=lnadmin,ou=special users,dc=example,dc=com" -w wolverine -x <<EOF
dn: uid=adam,ou=people,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: {SSHA}gvg6KehxZNYcLnLrAJrI0TzWpQzXH0oe
EOF
modifying entry "uid=adam,ou=people,dc=example,dc=com"
ldap_modify: Constraint violation (19)
additional info: invalid password syntax - passwords with storage scheme are not allowed
ldapmodify -h localhost -p 389 -D "uid=lnadmin,ou=special users,dc=example,dc=com" -w wolverine -x <<EOF
dn: uid=adam,ou=people,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword: {SSHA}gvg6KehxZNYcLnLrAJrI0TzWpQzXH0oe
EOF
modifying entry "uid=adam,ou=people,dc=example,dc=com"
ldap_modify: Constraint violation (19)
additional info: invalid password syntax - passwords with storage scheme are not allowed
Regards.
Le mer. 27 févr. 2019 à 00:44, William Brown <wbrown@xxxxxxx> a écrit :
> On 26 Feb 2019, at 00:23, wodel youchi <wodel.youchi@xxxxxxxxx> wrote:
>
> 3) Modify userPassword from the slave using encrypted password
> ldapmodify -h localhost -p 389 -D "uid=lnadmin,ou=special users,dc=example,dc=com" -w wolverine -x <<EOF
> dn: uid=adam,ou=people,dc=example,dc=com
> changetype: modify
> replace: userPassword
> userPassword: {SSHA}gvg6KehxZNYcLnLrAJrI0TzWpQzXH0oe
> EOF
> modifying entry "uid=adam,ou=people,dc=example,dc=com"
> ldap_modify: Constraint violation (19)
> additional info: invalid password syntax - passwords with storage scheme are not allowed
IIRC you aren’t able to set a password into the field that is pre-hashed. You either need to enable password-migration mode, or you should supply the plaintext password and the server hashes it for you. Does that fix the issue?
—
Sincerely,
William Brown
Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
