<div dir="ltr"><div><div>Greetings FreeIPA users,<br><br></div>I'm setting up FreeIPA 
service in our production environment to replace several different 
authentication methods for various systems. I'm trying to migrate the 
first wave of users now My plan was to copy their passwords from an old 
LDAP directory (one of the aforementioned several authentication 
methods) and then send them to the migration page to finish the job.<br><br><div style="margin-left:40px"><span style="font-family:monospace,monospace">bslusky@ipa1.aws:~$ head techteam-passwords.ldif</span><br><span style="font-family:monospace,monospace">dn: uid=user1001,cn=users,cn=accounts,dc=smartling,dc=int</span><br><span style="font-family:monospace,monospace">changeType: modify</span><br><span style="font-family:monospace,monospace">replace: userPassword</span><br><span style="font-family:monospace,monospace">userPassword:: e1NTSE[...]</span><br><span style="font-family:monospace,monospace">-</span><br><span style="font-family:monospace,monospace"></span><br><span style="font-family:monospace,monospace">dn: uid=user1002,cn=users,cn=accounts,dc=smartling,dc=int</span><br><span style="font-family:monospace,monospace">changeType: modify</span><br><span style="font-family:monospace,monospace">replace: userPassword</span><br><span style="font-family:monospace,monospace">userPassword:: e1NIQX[...]</span><br></div><br>Unfortunately it isn't working:<br></div><div><br><div style="margin-left:40px"><span style="font-family:monospace,monospace">bslusky@ipa1.aws:~$ ldapmodify -x -D cn=directory\ manager -W -f techteam-passwords.ldif</span><br><span style="font-family:monospace,monospace">Enter LDAP Password:</span><br><span style="font-family:monospace,monospace">modifying entry "uid=user1001,cn=users,cn=accounts,dc=smartling,dc=int"</span><br><span style="font-family:monospace,monospace">ldap_modify: Operations error (1)</span><br></div><br></div><div>I found some possible causes of this error, and fixed them:<br><br><div style="margin-left:40px"><span style="font-family:monospace,monospace">bslusky@ipa1.aws:~$ ipa config-show |grep migration</span><br><span style="font-family:monospace,monospace">  Enable migration mode: TRUE</span><br><span style="font-family:monospace,monospace"></span><br><span style="font-family:monospace,monospace">bslusky@ipa1.aws:~$ ldapsearch -x -D cn=directory\ manager -W -b cn=config |grep allow-hashed</span><br><span style="font-family:monospace,monospace">Enter LDAP Password: </span><br><span style="font-family:monospace,monospace">nsslapd-allow-hashed-passwords: on</span><br></div><br></div><div>Still no soap. Any suggestions?<br><br></div><div>TIA,<br>-<br></div>-Ben<br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr"><div></div><span><font color="#888888"><b style="color:rgb(153,153,153)">Ben Slusky<br></b><span><span style="color:rgb(153,153,153)">Smartling, Inc. Senior Operations Engine<font color="#888888">er</font></span><br></span></font></span><span><font color="#888888"><span><span><font color="#888888"><span><a href="mailto:bslusky@smartling.com" style="font-family:arial;font-size:small;color:rgb(17,65,112)" target="_blank"><font color="#35aad5">bslusky@smartling.com</font></a><span style="color:rgb(153,153,153);font-family:arial;font-size:small"></span></span></font></span> | <a href="http://www.smartling.com/" style="font-family:arial;font-size:small;color:rgb(17,65,112)" target="_blank"><font color="#35aad5">smartling.com</font></a><span style="color:rgb(153,153,153);font-family:arial;font-size:small"><a value="+18667076278"><br></a></span></span></font></span></div></div>
</div>