directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <elecha...@gmail.com>
Subject Re: [ApacheDS] Error 56
Date Fri, 01 Feb 2013 16:44:57 GMT
Le 2/1/13 4:52 PM, Patricio Demitrio a écrit :
> Ok, I captured the operation using wireshark, I have no idea if this is
> useful or not. I'm attaching two files (wireshark format and plain text,
> both have same content).
Ok, forget about my last mail, it makes no sense at all.

So here is what's happening :

- a BindRequest is issued, with 'uid=user8,ou=people,dc=eiger,dc=com',
and password in plain text ('password')

- a BindResponse is received (success)

- a ModifyRequest is issued (changing 'password' to 'Password!'):

'uid=user8,ou=people,dc=eiger,dc=com'
delete userpassword, password
add userpassword, Password!
with the PasswordPolicy control set

- And we get a ModifyResponse which is a NO_SUCH_ATTRIBUTE error.

A few things :
- The password is a PlainText password, it might not be accepted when
the PasswordPolicy control is set.
- The SSHA encoding for password is
{SSHA}Dqnp0N8cy7nj0Sn+OCZA6L0yq5ewFrPf/YvmBA==
- The SSHA encodingf or Password! is
{SSHA}fmhrau3bfE84FIy/jiXdyrwOUOpy2qI58JIWZA==

Can you check the ads-pwdcheckquality value in
ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
?

Can you also check that the current uid=user8,ou=people,dc=eiger,dc=com
entry's userPassword contains one of the two SSHA hash value I exposed
above ?

Thanks !


-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com 


Mime
View raw message