directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Re: [ApacheDS] Password not correct for user
Date Wed, 05 Mar 2008 13:37:46 GMT
Martin Schuster (IFKL IT OS DSM CD) wrote:
> Doing
> ldapsearch -w zak -D 'uid=schumar,[...],dc=com' -b 'dc=com' '(uid=schumar)' -x
> works fine (apart from the server spewing out
> ERROR [org.apache.directory.server.ldap.support.UnbindHandler] - failed to
> unbind session properly
> at the end)
We are aware of this error, and we still have to fix it ... (but this is not related to your
issue :)

> But if the user tries to change his password using
> ldappasswd -a zak -D 'uid=schumar,[...],dc=com' -x
> he gets
> ldap_bind: Invalid credentials (49)
> and the server says
> INFO [org.apache.directory.server.core.authn.SimpleAuthenticator] - Password
> not correct for user 'uid=schumar,[...],dc=com'
>
> accessControl is disabled, so if I understood correctly this isn't a problem
> with ACIs, right?
>   
ACIs are not guilty, see further.
> btw, I have the same problem when trying to bind with uid=admin,ou=system with
> ldappasswd.
>   
Plain normal, the same method is applied for admin and all users.

The ldappasswd is using an extended request, described by RFC 3062. I 
_think_ we support this RFC, but it may be buggy (I don't remember last 
time we tested it... was far to away in the past :).

I suggest you fill a JIRA so that we check and eventually fix a 
potential issue of the next release (1.5.3).

I gonna check what's going on with this request anyway, but for the 
record, I would really appreciate a JIRA !

-- 
--
cordialement, regards,
Emmanuel L├ęcharny
www.iktek.com
directory.apache.org



Mime
View raw message