[389-users] can't modify userPassword with proxy user: after code debugging...
Roberto Polli
rpolli at babel.it
Tue Aug 4 16:51:33 UTC 2009
Following http://www.mail-archive.com/fedora-directory-
users at redhat.com/msg09799.html
As of now, no solution but give to proxy user write access on entries..
if you succeeded in another way you're welcome to post.
I looked+gdb the code of modify.c: when I try to change userPassword another
flow is done.
modify.c:
...
if (has_password_mod):
PasswordFlow
return
StandardFlow
return
in PasswordFlow, the function
op_shared_allow_pw_change()
change the password ignoring controls and evaluating proxy user access
permissions as a local user
in StandardFlow, all the controls are evaluated and the proxy_dn is set
To make a specific request using only the interesting controls, avoiding
evaluation of unneeded ones (), I used the following options to ldapmodify|
passwd
* -g -R -J 2.16.840.1.113730.3.4.18
Peace,
R.
--
Roberto Polli
Babel S.r.l. - http://www.babel.it
Tel. +39.06.91801075 - fax +39.06.91612446
Tel. cel +39.340.6522736
P.zza S.Benedetto da Norcia, 33 - 00040 Pomezia (Roma)
"Il seguente messaggio contiene informazioni riservate. Qualora questo
messaggio fosse da Voi ricevuto per errore, Vogliate cortesemente darcene
notizia a mezzo e-mail. Vi sollecitiamo altresì a distruggere il messaggio
erroneamente ricevuto. Quanto precede Vi viene chiesto ai fini del rispetto
della legge in materia di protezione dei dati personali."
More information about the Fedora-directory-users
mailing list