directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patricio Demitrio <pdemit...@scoop-gmbh.de>
Subject Re: [ApacheDS] Error 56
Date Fri, 01 Feb 2013 17:00:40 GMT
Hi Again,

ads-pwdcheckquality is set to 0
current password for user8 is "password", and in the database is
{SSHA}x+TL0mJ+9p5VfxmwEgsKRZuh5Z3H+8wExAe2bw==
and when I open it showing the ldif perspective, it shows this:
e1NTSEF9eCtUTDBtSis5cDVWZnhtd0Vnc0tSWnVoNVozSCs4d0V4QWUyYnc9PQ==


On Fri, Feb 1, 2013 at 5:44 PM, Emmanuel Lécharny <elecharny@gmail.com>wrote:

> Le 2/1/13 4:52 PM, Patricio Demitrio a écrit :
> > Ok, I captured the operation using wireshark, I have no idea if this is
> > useful or not. I'm attaching two files (wireshark format and plain text,
> > both have same content).
> Ok, forget about my last mail, it makes no sense at all.
>
> So here is what's happening :
>
> - a BindRequest is issued, with 'uid=user8,ou=people,dc=eiger,dc=com',
> and password in plain text ('password')
>
> - a BindResponse is received (success)
>
> - a ModifyRequest is issued (changing 'password' to 'Password!'):
>
> 'uid=user8,ou=people,dc=eiger,dc=com'
> delete userpassword, password
> add userpassword, Password!
> with the PasswordPolicy control set
>
> - And we get a ModifyResponse which is a NO_SUCH_ATTRIBUTE error.
>
> A few things :
> - The password is a PlainText password, it might not be accepted when
> the PasswordPolicy control is set.
> - The SSHA encoding for password is
> {SSHA}Dqnp0N8cy7nj0Sn+OCZA6L0yq5ewFrPf/YvmBA==
> - The SSHA encodingf or Password! is
> {SSHA}fmhrau3bfE84FIy/jiXdyrwOUOpy2qI58JIWZA==
>
> Can you check the ads-pwdcheckquality value in
>
> ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
> ?
>
> Can you also check that the current uid=user8,ou=people,dc=eiger,dc=com
> entry's userPassword contains one of the two SSHA hash value I exposed
> above ?
>
> Thanks !
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message