directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Petteri Stenius (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DIRSTUDIO-600) Add feature to replace hidden attribute
Date Thu, 03 Dec 2009 08:42:20 GMT

    [ https://issues.apache.org/jira/browse/DIRSTUDIO-600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12785228#action_12785228
] 

Petteri Stenius commented on DIRSTUDIO-600:
-------------------------------------------

Thanks for your quick reply and for pointing out the existing feature! I tested the workaround
and I can confirm it works.

I don't know if AD supports RFC 3062. I don't think so because the oid 1.3.6.1.4.1.4203.1.11.1
for this extension is not listed in RootDSE.

Maybe the option of using add/replace could be included in the "New Attribute" editor? 

> Add feature to replace hidden attribute
> ---------------------------------------
>
>                 Key: DIRSTUDIO-600
>                 URL: https://issues.apache.org/jira/browse/DIRSTUDIO-600
>             Project: Directory Studio
>          Issue Type: Improvement
>          Components: studio-ldapbrowser
>    Affects Versions: 1.5.0
>         Environment: Directory Studio 1.5.1, Windows, Java 1.6.0_11
>            Reporter: Petteri Stenius
>
> The "New Attribute" editor always results in "changetype: add". Sometimes it is useful
to specify "changetype: replace".
> Use case: Password reset
> Password reset with Active Directory or ADAM is difficult without replace. Active Directory
and ADAM always hides userPassword from all search results, and userPassword will never show
up in the Entry Editor. Because of this I cannot use "Edit Value" to replace the password
value. 
> The best option seems to be to use New Attribute, which results in error 20 (attributeOrValueExists).
> The working option, which is rather difficult, is to create a ldif script to execute.
> Modification logs with ADAM:
> #!RESULT ERROR
> #!CONNECTION ldap://localhost:50000
> #!DATE 2009-12-03T08:56:25.280
> #!ERROR [LDAP: error code 20 - 00002081: AtrErr: DSID-030F116D, #1:     0: 00002081:
DSID-030F116D, problem 1006 (ATT_OR_VALUE_EXISTS), data 0, Att 9005a (unicodePwd) 
> dn: CN=user1,CN=instance1,DC=localhost
> changetype: modify
> add: userPassword
> userPassword:: dXNlcjE=
> -
> #!RESULT OK
> #!CONNECTION ldap://localhost:50000
> #!DATE 2009-12-03T09:03:40.095
> dn: CN=user1,CN=instance1,DC=localhost
> changetype: modify
> replace: userPassword
> userPassword: user1
> -

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message