directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DIRSERVER-1143) ldappasswd fails to bind
Date Wed, 05 Mar 2008 14:19:40 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12575354#action_12575354
] 

Emmanuel Lecharny commented on DIRSERVER-1143:
----------------------------------------------

Testing the default server (default configuration), and trying to change the password using
ldappasswd, here is what I get :

$ ldappasswd -x -D 'uid=admin,ou=system' -h localhost -p 10389 -s test -w secret
Result: Protocol error (2)
Additional info: Unrecognized extended operation EXTENSION_OID: 1.3.6.1.4.1.4203.1.11.1

This is pretty clear we don't support this extended request.

We do have some changepw layer, directly connected to the kerberos stack, but it's a different
beast.

We have to dig this issue, I think this is on our roadmap, or if it's not, it might be added.

This is described in RFC 3062.

> ldappasswd fails to bind
> ------------------------
>
>                 Key: DIRSERVER-1143
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1143
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 1.5.1
>         Environment: apacheds-server-1.5.1-x86_64.rpm on RHEL5
>            Reporter: Martin Schuster
>
> # ldappasswd -a foobar -x -D 'uid=admin,ou=system'
> ldap_bind: Invalid credentials (49)
>         additional info: Bind failed: null
> and the logfile says:
> INFO   | jvm 1    | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.SimpleAuthenticator]
- Password not correct for user 'uid=admin,ou=system'
> INFO   | jvm 1    | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService]
- Authenticator class org.apache.directory.server.core.authn.SimpleAuthenticator failed to
authenticate uid=admin,ou=system
> INFO   | jvm 1    | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService]
- Cannot bind to the server 
> but the password is correct, using it with e.g. ldapsearch or ApacheDirectoryStudio works.
> The same problem occurs with a test-user, it's not specific to uid=admin
> Emmanuel L├ęcharny said in a mail to users@directory.apache.org:
> > The ldappasswd is using an extended request, described by RFC 3062.
> > I _think_ we support this RFC, but it may be buggy

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message