<div dir="ltr"><div dir="ltr" class="gmail_msg">Ah yes, I hadn't even noticed as Google cleans that up automatically but I can confirm (explicit) contact from Kimmi and co.<div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg"><br></div><div class="gmail_msg"><br class="gmail_msg"></div></div><br class="gmail_msg"><div class="gmail_quote gmail_msg"><div dir="ltr" class="gmail_msg">On Mon, Dec 5, 2016 at 5:24 PM Joseph Flynn <<a href="mailto:jjflynn22@gmail.com" class="gmail_msg" target="_blank">jjflynn22@gmail.com</a>> wrote:<br class="gmail_msg"></div><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg"><div class="gmail_msg">Ah, now SophiaB wants in on the action too. Looks like my lucky day.<br class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Seriously though, I think the community needs to anonymize participants out of necessity.<br class="gmail_msg"></div></div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg">On Mon, Dec 5, 2016 at 12:02 PM, Joseph Flynn <span dir="ltr" class="gmail_msg"><<a href="mailto:jjflynn22@gmail.com" class="gmail_msg" target="_blank">jjflynn22@gmail.com</a>></span> wrote:<br class="gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg">Me too. Within minutes of my first posting, I have good old Kimmi
offering me all kinds of favors. All of our emails are exposed to the
group which I'd like to trust but we obviously can't. All it takes is for a spammer to join the group and they will eventually collect a group of active emails with a very targeted demographic.<br class="gmail_msg"></div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg"><span class="gmail_msg">On Mon, Dec 5, 2016 at 11:45 AM, Stefan Uygur <span dir="ltr" class="gmail_msg"><<a href="mailto:suygur@firstderivatives.com" class="gmail_msg" target="_blank">suygur@firstderivatives.com</a>></span> wrote:<br class="gmail_msg"></span><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="gmail_msg"><div class="m_9144496208601221291m_7784606768664292524h5 gmail_msg">
<div link="blue" vlink="purple" lang="EN-IE" class="gmail_msg">
<div class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742WordSection1 gmail_msg">
<p class="MsoNormal gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">Guys,<u class="gmail_msg"></u><u class="gmail_msg"></u></span></p>
<p class="MsoNormal gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">Since I replied to the list I keep receiving spam emails, what is happening?<u class="gmail_msg"></u><u class="gmail_msg"></u></span></p>
<p class="MsoNormal gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></span></p>
<div class="gmail_msg">
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0cm 0cm 0cm" class="gmail_msg">
<p class="MsoNormal gmail_msg"><b class="gmail_msg"><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" lang="EN-US" class="gmail_msg">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" lang="EN-US" class="gmail_msg"> Stefan Uygur
<br class="gmail_msg">
<b class="gmail_msg">Sent:</b> 05 December 2016 16:40<br class="gmail_msg">
<b class="gmail_msg">To:</b> 'Callum Guy'; Florence Blanc-Renaud; <a href="mailto:freeipa-users@redhat.com" class="gmail_msg" target="_blank">freeipa-users@redhat.com</a><br class="gmail_msg">
<b class="gmail_msg">Subject:</b> RE: [Freeipa-users] Directory Manager Password Change<u class="gmail_msg"></u><u class="gmail_msg"></u></span></p>
</div>
</div>
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">Glad you solved your issue.<u class="gmail_msg"></u><u class="gmail_msg"></u></span></p>
<p class="MsoNormal gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></span></p>
<p class="MsoNormal gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">I’ve been there myself so don’t worry about it at all.<u class="gmail_msg"></u><u class="gmail_msg"></u></span></p>
<p class="MsoNormal gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></span></p>
<p class="MsoNormal gmail_msg"><b class="gmail_msg"><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" lang="EN-US" class="gmail_msg">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" lang="EN-US" class="gmail_msg"> Callum Guy [<a href="mailto:callum.guy@x-on.co.uk" class="gmail_msg" target="_blank">mailto:callum.guy@x-on.co.uk</a>]
<br class="gmail_msg">
<b class="gmail_msg">Sent:</b> 05 December 2016 16:37<br class="gmail_msg">
<b class="gmail_msg">To:</b> Stefan Uygur; Florence Blanc-Renaud; <a href="mailto:freeipa-users@redhat.com" class="gmail_msg" target="_blank">
freeipa-users@redhat.com</a><br class="gmail_msg">
<b class="gmail_msg">Subject:</b> Re: [Freeipa-users] Directory Manager Password Change<u class="gmail_msg"></u><u class="gmail_msg"></u></span></p>
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Hi Stefan,<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Thanks for your input, I am able to clarify that I wasn't simply copying and pasting in - the dollar sign was included in my password rather than the example. But yes, no denying that my command line skills are to blame.<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Further to this problem I am happy to report that the issue is now solved. My main issue was the dollar sign meaning that I had updated the DM password incorrectly for FreeIPA. Secondly I appear to have caused an issue with SSSD and it
was a restart of this service which finally resolved the issue for me. I doubt there is much to be learnt from my issue - definitely user error.<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Thanks so much for your responses, very much appreciated. Apologies for taking up your time.<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Callum<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
</div>
</div>
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
<div class="gmail_msg">
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">On Mon, Dec 5, 2016 at 2:48 PM Stefan Uygur <<a href="mailto:suygur@firstderivatives.com" class="gmail_msg" target="_blank">suygur@firstderivatives.com</a>> wrote:<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt" class="gmail_msg">
<div class="gmail_msg">
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">Hi,</span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">I think you are copying and pasting the exact same commands from the article,
which is of course a wrong approach. Never copy/paste from web to execute on your server. That $ signs indicates you can give any name you’d like.</span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"> </span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">Follow this article here:</span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"><a href="https://access.redhat.com/solutions/308623" class="gmail_msg" target="_blank">https://access.redhat.com/solutions/308623</a></span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"> </span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg">Stefan</span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"> </span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d" class="gmail_msg"> </span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg"><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" lang="EN-US" class="gmail_msg">From:</span></b></span><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" lang="EN-US" class="gmail_msg">
<a href="mailto:freeipa-users-bounces@redhat.com" class="gmail_msg" target="_blank">freeipa-users-bounces@redhat.com</a> [mailto:<a href="mailto:freeipa-users-bounces@redhat.com" class="gmail_msg" target="_blank">freeipa-users-bounces@redhat.com</a>]
<b class="gmail_msg">On Behalf Of </b>Callum Guy</span></span><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" lang="EN-US" class="gmail_msg"><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg">Sent:</b> 05 December 2016 13:38</span><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg">To:</b> Florence Blanc-Renaud; <a href="mailto:freeipa-users@redhat.com" class="gmail_msg" target="_blank">
freeipa-users@redhat.com</a></span><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg">Subject:</b> Re: [Freeipa-users] Directory Manager Password Change</span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
</div>
<div class="gmail_msg">
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Hi Flo,<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">I have indeed executed every step in order, including the one you have indicated.<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">The password I has used included a dollar sign and this meant that <span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-family:Consolas;color:#333333;background:whitesmoke" class="gmail_msg">echo -n $DM_PASSWORD
> /root/dm_password </span></span>didn't work as I had expected meaning everything after the dollar was interpreted as a variable and was missing in the file. I have corrected this and performed the full process again, starting with the 389 reset however it
is still not working correctly.<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">I remain in the same state as before where the admin password has not been changed - this confuses me as my understanding is that admin only exists as the FreeIPA web admin user
whose password I can change separately. Am i misunderstanding, is there another admin user within FreeIPA which is directly linked to the directory manager?<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Having run out of ideas I have just executed ipa-server-upgrade however this hasn't helped. My situation remains as follows:<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><b class="gmail_msg">Works:</b> ldapsearch -x -D "cn=directory manager" -w <b class="gmail_msg">NEW_DM_PW </b>-s base -b "" "objectclass=*"<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><b class="gmail_msg">Fails: </b>ldapsearch -h localhost -ZZ -p 389 -x -D "uid=admin,ou=people,o=ipaca" -w
<b class="gmail_msg">NEW_DM_PW </b>-b "" -s base<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Are you able to offer any other ideas? <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Other information:<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">I can confirm that cacert.p12 has been updated by the actions performed.<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">File /etc/pki/pki-tomcat/password.conf now contains a new line internaldb=<b class="gmail_msg">NEW_DM_PW </b>(as per instruction 1 on FreeIPA link) <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Best Regards,<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">Callum<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
</div>
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<div class="gmail_msg">
<div class="gmail_msg">
<p class="MsoNormal gmail_msg">On Mon, Dec 5, 2016 at 1:08 PM Florence Blanc-Renaud <<a href="mailto:flo@redhat.com" class="gmail_msg" target="_blank">flo@redhat.com</a>> wrote:<u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt" class="gmail_msg">
<p class="MsoNormal gmail_msg" style="margin-bottom:12.0pt">On 12/05/2016 01:05 PM, Callum Guy wrote:<br class="gmail_msg">
> Hi All,<br class="gmail_msg">
><br class="gmail_msg">
> I have been testing FreeIPA and now plan to migrate to production use -<br class="gmail_msg">
> thanks for creating such a great application!<br class="gmail_msg">
><br class="gmail_msg">
> During the test phase we have been using simple passwords for the admin<br class="gmail_msg">
> and directory manager users however we need these changed before moving<br class="gmail_msg">
> into production. I believe we can change the admin password using the<br class="gmail_msg">
> web interface however as I understand it amending the directory manager<br class="gmail_msg">
> password is not so straightforward.<br class="gmail_msg">
><br class="gmail_msg">
> I have found this<br class="gmail_msg">
> link <a href="https://www.freeipa.org/page/Howto/Change_Directory_Manager_Password" class="gmail_msg" target="_blank">
https://www.freeipa.org/page/Howto/Change_Directory_Manager_Password</a> however<br class="gmail_msg">
> I am unsure if this is the correct procedure for our installation -<br class="gmail_msg">
> certainly i am having no luck so far.<br class="gmail_msg">
><br class="gmail_msg">
> We have the following setup:<br class="gmail_msg">
><br class="gmail_msg">
> FreeIPA 4.2.0 - single master server (no replicas), multiple clients<br class="gmail_msg">
> CentOS 7.2<br class="gmail_msg">
><br class="gmail_msg">
> I have tried the following steps in order:<br class="gmail_msg">
><br class="gmail_msg">
> <a href="http://directory.fedoraproject.org/docs/389ds/howto/howto-resetdirmgrpassword.html" class="gmail_msg" target="_blank">
http://directory.fedoraproject.org/docs/389ds/howto/howto-resetdirmgrpassword.html</a><br class="gmail_msg">
> followed by<br class="gmail_msg">
> <a href="https://www.freeipa.org/page/Howto/Change_Directory_Manager_Password" class="gmail_msg" target="_blank">
https://www.freeipa.org/page/Howto/Change_Directory_Manager_Password</a><br class="gmail_msg">
><br class="gmail_msg">
> After completing that I am no longer able to authenticate user logins.<br class="gmail_msg">
> The below covers my current situation:<br class="gmail_msg">
><br class="gmail_msg">
> This works:<br class="gmail_msg">
> ldapsearch -x -D "cn=directory manager" -w NEWPASSWORD -s base -b ""<br class="gmail_msg">
> "objectclass=*"<br class="gmail_msg">
><br class="gmail_msg">
> This does not work:<br class="gmail_msg">
> ldapsearch -x -D "cn=directory manager" -w OLDPASSWORD -s base -b ""<br class="gmail_msg">
> "objectclass=*"<br class="gmail_msg">
><br class="gmail_msg">
> This works:<br class="gmail_msg">
> ldapsearch -h localhost -ZZ -p 389 -x -D "uid=admin,ou=people,o=ipaca"<br class="gmail_msg">
> -W -b "" -s base<br class="gmail_msg">
> OLDPASSWORD<br class="gmail_msg">
><br class="gmail_msg">
> This does not work:<br class="gmail_msg">
> ldapsearch -h localhost -ZZ -p 389 -x -D "uid=admin,ou=people,o=ipaca"<br class="gmail_msg">
> -W -b "" -s base<br class="gmail_msg">
> NEWPASSWORD<br class="gmail_msg">
><br class="gmail_msg">
Hi,<br class="gmail_msg">
<br class="gmail_msg">
your commands show that the Directory Manager password was properly<br class="gmail_msg">
modified, but not admin's password. Did you run the step 3 Updating PKI<br class="gmail_msg">
admin password of the procedure [1]?<br class="gmail_msg">
ldappasswd -h localhost -ZZ -p $CA_PORT -x -D "cn=Directory Manager" -W<br class="gmail_msg">
-T /root/dm_password "uid=admin,ou=people,o=ipaca"<br class="gmail_msg">
<br class="gmail_msg">
Flo.<br class="gmail_msg">
<br class="gmail_msg">
[1]<br class="gmail_msg">
<a href="https://www.freeipa.org/page/Howto/Change_Directory_Manager_Password#3._Update_PKI_admin_password" class="gmail_msg" target="_blank">https://www.freeipa.org/page/Howto/Change_Directory_Manager_Password#3._Update_PKI_admin_password</a><br class="gmail_msg">
<br class="gmail_msg">
> So i'm i a mixed up state! Is anyone able to offer advise on resolving<br class="gmail_msg">
> this issue?<br class="gmail_msg">
><br class="gmail_msg">
> Thank you,<br class="gmail_msg">
><br class="gmail_msg">
> Callum<br class="gmail_msg">
><br class="gmail_msg">
><br class="gmail_msg">
><br class="gmail_msg">
><br class="gmail_msg">
><br class="gmail_msg">
> *^0333 332 0000 | <a href="http://www.x-on.co.uk" class="gmail_msg" target="_blank">www.x-on.co.uk</a> <<a href="http://www.x-on.co.uk" class="gmail_msg" target="_blank">http://www.x-on.co.uk</a>> | _<br class="gmail_msg">
> **_^<<a href="https://twitter.com/xonuk" class="gmail_msg" target="_blank">https://twitter.com/xonuk</a>><br class="gmail_msg">
> <<a href="http://www.linkedin.com/company/x-on/products" class="gmail_msg" target="_blank">http://www.linkedin.com/company/x-on/products</a>><br class="gmail_msg">
> <<a href="https://www.facebook.com/XonTel" class="gmail_msg" target="_blank">https://www.facebook.com/XonTel</a>> *<br class="gmail_msg">
> X-on is a trading name of Storacall Technology Ltd a limited company<br class="gmail_msg">
> registered in England and Wales.<br class="gmail_msg">
> Registered Office : Avaland House, 110 London Road, Apsley, Hemel<br class="gmail_msg">
> Hempstead, Herts, HP3 9SD. Company Registration No. 2578478.<br class="gmail_msg">
> The information in this e-mail is confidential and for use by the<br class="gmail_msg">
> addressee(s) only. If you are not the intended recipient, please notify<br class="gmail_msg">
> X-on immediately on <a href="tel:+44%20333%20332%200000" class="gmail_msg" target="_blank">+44(0)333 332 0000</a> and delete the<br class="gmail_msg">
> message from your computer. If you are not a named addressee you must<br class="gmail_msg">
> not use, disclose, disseminate, distribute, copy, print or reply to this<br class="gmail_msg">
> email. Views or opinions expressed by an individual<br class="gmail_msg">
> within this email may not necessarily reflect the views of X-on or its<br class="gmail_msg">
> associated companies. Although X-on routinely screens for viruses,<br class="gmail_msg">
> addressees should scan this email and any attachments<br class="gmail_msg">
> for viruses. X-on makes no representation or warranty as to the absence<br class="gmail_msg">
> of viruses in this email or any attachments.<br class="gmail_msg">
><br class="gmail_msg">
><br class="gmail_msg">
><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</blockquote>
</div>
<p class="MsoNormal gmail_msg"> <u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
</div>
<div class="gmail_msg">
<div class="gmail_msg">
<p class="MsoNormal gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742m_-2652188724440977549_x005f_x0000_i1025" src="http://www.x-on.co.uk/email/footer/banner-x-on.jpg" border="0" class="gmail_msg"><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
</div>
<div class="gmail_msg">
<div class="gmail_msg">
<p class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg1 gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg"><sup class="gmail_msg"><span style="font-size:13.5pt;font-family:"Verdana","sans-serif"" class="gmail_msg">0333 332 0000 |
<a href="http://www.x-on.co.uk" class="gmail_msg" target="_blank">www.x-on.co.uk</a> | </span></sup></b></span><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg"><sub class="gmail_msg"><span style="font-size:13.5pt;font-family:"Verdana","sans-serif"" class="gmail_msg"> </span></sub></b></span><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg"><sup class="gmail_msg"><span style="font-size:13.5pt;font-family:"Verdana","sans-serif"" class="gmail_msg"><a href="https://twitter.com/xonuk" class="gmail_msg" target="_blank"><span style="text-decoration:none" class="gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742m_-2652188724440977549_x005f_x0000_i1026" src="http://www.x-on.co.uk/images/icon/linkedin.png" width="24" height="24" border="0" class="gmail_msg"></span></a>
<a href="http://www.linkedin.com/company/x-on/products" class="gmail_msg" target="_blank"><span style="text-decoration:none" class="gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742m_-2652188724440977549_x005f_x0000_i1027" src="http://www.x-on.co.uk/images/icon/facebook.png" width="24" height="24" border="0" class="gmail_msg"></span></a>
<a href="https://www.facebook.com/XonTel" class="gmail_msg" target="_blank"><span style="text-decoration:none" class="gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742m_-2652188724440977549_x005f_x0000_i1028" src="http://www.x-on.co.uk/images/icon/twitter.png" width="24" height="24" border="0" class="gmail_msg"></span></a></span></sup></b></span><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><b class="gmail_msg"><span style="font-size:13.5pt" class="gmail_msg">
</span></b></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
</div>
<div class="gmail_msg">
<div class="gmail_msg">
<p class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg1 gmail_msg"><span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg"><span style="font-size:6.0pt;font-family:"Verdana","sans-serif";color:black" class="gmail_msg">X-on is a trading name of Storacall Technology Ltd a limited company registered in England and Wales.</span></span><span style="font-size:6.0pt;font-family:"Verdana","sans-serif";color:black" class="gmail_msg"><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg">Registered Office : Avaland House, 110 London Road, Apsley, Hemel Hempstead, Herts, HP3 9SD. Company Registration No. 2578478.</span><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg">The information in this e-mail is confidential and for use by the addressee(s) only. If you are not the intended recipient, please notify X-on immediately on
<a href="tel:+44%20333%20332%200000" class="gmail_msg" target="_blank">+44(0)333 332 0000</a> and delete the</span><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg">message from your computer. If you are not a named addressee you must not use, disclose, disseminate, distribute, copy, print or reply to this email. Views or opinions expressed by an individual</span><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg">within this email may not necessarily reflect the views of X-on or its associated companies. Although X-on routinely screens for viruses, addressees should scan this email and any attachments</span><br class="gmail_msg">
<span class="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742gmailmsg gmail_msg">for viruses. X-on makes no representation or warranty as to the absence of viruses in this email or any attachments.</span></span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal gmail_msg"><u class="gmail_msg"></u> <u class="gmail_msg"></u></p>
<p class="MsoNormal gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742_x0000_i1029" src="http://www.x-on.co.uk/email/footer/banner-x-on.jpg" border="0" class="gmail_msg"><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
<p class="gmail_msg"><b class="gmail_msg"><sup class="gmail_msg"><span style="font-size:13.5pt;font-family:"Verdana","sans-serif"" class="gmail_msg">0333 332 0000 |
<a href="http://www.x-on.co.uk" class="gmail_msg" target="_blank">www.x-on.co.uk</a> | </span></sup></b><b class="gmail_msg"><sub class="gmail_msg"><span style="font-size:13.5pt;font-family:"Verdana","sans-serif"" class="gmail_msg"> </span></sub></b><b class="gmail_msg"><sup class="gmail_msg"><span style="font-size:13.5pt;font-family:"Verdana","sans-serif"" class="gmail_msg"><a href="https://twitter.com/xonuk" class="gmail_msg" target="_blank"><span style="text-decoration:none" class="gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742_x0000_i1030" src="http://www.x-on.co.uk/images/icon/linkedin.png" width="24" height="24" border="0" class="gmail_msg"></span></a>
<a href="http://www.linkedin.com/company/x-on/products" class="gmail_msg" target="_blank"><span style="text-decoration:none" class="gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742_x0000_i1031" src="http://www.x-on.co.uk/images/icon/facebook.png" width="24" height="24" border="0" class="gmail_msg"></span></a> <a href="https://www.facebook.com/XonTel" class="gmail_msg" target="_blank"><span style="text-decoration:none" class="gmail_msg"><img id="m_9144496208601221291m_7784606768664292524m_-9012541337205000285m_4696349123989830742_x0000_i1032" src="http://www.x-on.co.uk/images/icon/twitter.png" width="24" height="24" border="0" class="gmail_msg"></span></a></span></sup></b><b class="gmail_msg"><span style="font-size:13.5pt" class="gmail_msg">
</span></b><span style="font-size:6.0pt;font-family:"Verdana","sans-serif";color:black" class="gmail_msg"><br class="gmail_msg">
X-on is a trading name of Storacall Technology Ltd a limited company registered in England and Wales.<br class="gmail_msg">
Registered Office : Avaland House, 110 London Road, Apsley, Hemel Hempstead, Herts, HP3 9SD. Company Registration No. 2578478.<br class="gmail_msg">
The information in this e-mail is confidential and for use by the addressee(s) only. If you are not the intended recipient, please notify X-on immediately on <a href="tel:+44%20333%20332%200000" value="+443333320000" class="gmail_msg" target="_blank">+44(0)333 332 0000</a> and delete the<br class="gmail_msg">
message from your computer. If you are not a named addressee you must not use, disclose, disseminate, distribute, copy, print or reply to this email. Views or opinions expressed by an individual<br class="gmail_msg">
within this email may not necessarily reflect the views of X-on or its associated companies. Although X-on routinely screens for viruses, addressees should scan this email and any attachments<br class="gmail_msg">
for viruses. X-on makes no representation or warranty as to the absence of viruses in this email or any attachments.</span><u class="gmail_msg"></u><u class="gmail_msg"></u></p>
</div>
</div>
<br class="gmail_msg"></div></div><span class="gmail_msg">--<br class="gmail_msg">
Manage your subscription for the Freeipa-users mailing list:<br class="gmail_msg">
<a href="https://www.redhat.com/mailman/listinfo/freeipa-users" rel="noreferrer" class="gmail_msg" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br class="gmail_msg">
Go to <a href="http://freeipa.org" rel="noreferrer" class="gmail_msg" target="_blank">http://freeipa.org</a> for more info on the project<br class="gmail_msg"></span></blockquote></div><br class="gmail_msg"></div>
</blockquote></div><br class="gmail_msg"></div>
--<br class="gmail_msg">
Manage your subscription for the Freeipa-users mailing list:<br class="gmail_msg">
<a href="https://www.redhat.com/mailman/listinfo/freeipa-users" rel="noreferrer" class="gmail_msg" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br class="gmail_msg">
Go to <a href="http://freeipa.org" rel="noreferrer" class="gmail_msg" target="_blank">http://freeipa.org</a> for more info on the project</blockquote></div></div>
<br>
<p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;text-align:justify"><font size="3" face="Verdana"><span style="font-size:8px;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"></span></font></p><img src="http://www.x-on.co.uk/email/footer/banner-x-on.jpg"><br><p><font size="4"><span style="font-size:8px;color:rgb(0,0,0);background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline"></span><b><sup><font face="Verdana">0333 332 0000 | <a href="http://www.x-on.co.uk" target="_blank">www.x-on.co.uk</a> | <sub> </sub></font></sup></b></font><font size="4"><b><sub><sup><font face="Verdana"><a href="https://twitter.com/xonuk" target="_blank"><img src="http://www.x-on.co.uk//images/icon/linkedin.png" width="24" height="24"></a> <a href="http://www.linkedin.com/company/x-on/products" target="_blank"><img src="http://www.x-on.co.uk//images/icon/facebook.png" width="24" height="24"></a> <a href="https://www.facebook.com/XonTel" target="_blank"><img src="http://www.x-on.co.uk//images/icon/twitter.png" width="24" height="24"></a></font></sup></sub> </b></font>
<span style="font-size:6.0pt;font-family:Verdana;color:black"><br>X-on
is a trading name of Storacall Technology Ltd a limited company registered in
England and Wales.<br>
Registered Office : Avaland House, 110 London Road, Apsley, Hemel Hempstead,
Herts, HP3 9SD. Company Registration No. 2578478.<br>
The information in this e-mail is confidential and for use by the addressee(s)
only. If you are not the intended recipient, please notify X-on immediately on <span>+44(0)333 332 0000</span> and delete the<br>message from your computer. If you are not a named addressee you must not use,
disclose, disseminate, distribute, copy, print or reply to this email. </span><span style="font-size:6.0pt;font-family:Verdana;color:black">Views
or opinions expressed by an individual<br>within this email may not necessarily
reflect the views of X-on or its associated companies. Although X-on routinely
screens for viruses, addressees should scan this email and any attachments<br>for
viruses. X-on makes no representation or warranty as to the absence of viruses
in this email or any attachments.</span></p>
<p><span style="font-size:6.0pt;font-family:Verdana;color:black"></span><font size="2"><span style="font-size:6.0pt;font-family:Verdana;color:black"></span></font></p>