directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patricio Demitrio <>
Subject Re: [ApacheDS] Error 56
Date Fri, 01 Feb 2013 15:52:26 GMT
Ok, I captured the operation using wireshark, I have no idea if this is
useful or not. I'm attaching two files (wireshark format and plain text,
both have same content).

And here is an answer from a developer of openam, I'm copying it since
maybe it helps.

 This error message is now coming
out of LDAP authentication module, and not from the UMUserChangePassword
The LDAP authentication module grabs the existing password and creates a
MODIFY request:
remove userpassword: currentvalue
add userpassword: newvvalue
Looks like this is not really handled by Apache DS for some reason,
which is quite strange. The other way is to simply run one operation of:
replace userpassword: newvalue
but this could be only done by a privileged user (who can reset
passwords for arbitrary users).

On Fri, Feb 1, 2013 at 3:51 PM, Emmanuel Lécharny <>wrote:

> There is somethong *extremelly* weird...
> The userPassword value you are trying to modify is :
> e1NTSEF9NGx1QXphMkw...tM2F3SHFZN0E9PQ==
> which once decoded gives :
> {SSHA}4luAza2L+0Xyut...VVm3awHqY7A==
> and now, the password value is a base64 value, which makes no sense...
> Something in OpenAM should encode the real SSHA salted password in
> base64, then add {SSHA) into the value, and try to remove this value
> from the server.
> I would expect the real value to be :
> {SSHA}â[€Í­‹ûE...VmÚÀz˜ì
> instead...
> Is it possible that you capture the PDU being exchanged between OpenAM
> and ApacheDS using wireshark ?
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny

  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message