[Freeipa-devel] setting passwords stopped working
Matt Bernstein
mb--ipa at dcs.qmul.ac.uk
Mon Jun 23 19:45:31 UTC 2008
At 10:24 -0700 Nathan Kinder wrote:
> Is there anything interesting related to the ipa_passwd_extop plug-in in the
> Directory Server errors log (/var/log/dirsrv/slapd-<realm>/errors)?
Nothing. Here's a connection in the access log, in case it's helpful.
[23/Jun/2008:20:40:25 +0100] conn=201 fd=64 slot=64 connection from 138.37.95.132 to 138.37.95.132
[23/Jun/2008:20:40:25 +0100] conn=201 op=0 BIND dn="" method=sasl version=3 mech=GSSAPI
[23/Jun/2008:20:40:25 +0100] conn=201 op=0 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress
[23/Jun/2008:20:40:25 +0100] conn=201 op=1 BIND dn="" method=sasl version=3 mech=GSSAPI
[23/Jun/2008:20:40:25 +0100] conn=201 op=1 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress
[23/Jun/2008:20:40:25 +0100] conn=201 op=2 BIND dn="" method=sasl version=3 mech=GSSAPI
[23/Jun/2008:20:40:25 +0100] conn=201 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="krbprincipalname=kadmin/changepw at test.eecs.qmul.ac.uk,cn=test.eecs.qmul.ac.uk,cn=kerberos,dc=test,dc=eecs,dc=qmul,dc=ac,dc=uk"
[23/Jun/2008:20:40:25 +0100] conn=201 op=3 SRCH base="" scope=0 filter="(objectClass=*)" attrs="namingContexts"
[23/Jun/2008:20:40:25 +0100] conn=201 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[23/Jun/2008:20:40:25 +0100] conn=201 op=4 SRCH base="dc=test,dc=eecs,dc=qmul,dc=ac,dc=uk" scope=2 filter="(krbPrincipalName=tim at TEST.EECS.QMUL.AC.UK)" attrs="krbPrincipalName"
[23/Jun/2008:20:40:25 +0100] conn=201 op=4 RESULT err=0 tag=101 nentries=1 etime=0
[23/Jun/2008:20:40:25 +0100] conn=201 op=5 EXT oid="1.3.6.1.4.1.4203.1.11.1" name="passwd_modify_extop"
[23/Jun/2008:20:40:25 +0100] conn=201 op=5 RESULT err=53 tag=120 nentries=0 etime=0
[23/Jun/2008:20:40:25 +0100] conn=201 op=6 UNBIND
[23/Jun/2008:20:40:25 +0100] conn=201 op=6 fd=64 closed - U1
At 14:19 -0400 Simo Sorce wrote:
> can your run ldd /usr/sbin/ipa_kpasswd and paste here the output ?
It's up-to-date F9 x86_64:
# ldd /usr/sbin/ipa_kpasswd
linux-vdso.so.1 => (0x00007fffa41fe000)
libssldap60.so => /usr/lib64/libssldap60.so (0x0000000000607000)
libprldap60.so => /usr/lib64/libprldap60.so (0x0000000000813000)
libldap60.so => /usr/lib64/libldap60.so (0x0000000000a18000)
libssl3.so => /lib64/libssl3.so (0x0000000000c50000)
libsmime3.so => /lib64/libsmime3.so (0x0000000000e82000)
libnss3.so => /lib64/libnss3.so (0x00000000046ec000)
libnssutil3.so => /lib64/libnssutil3.so (0x00000000025e4000)
libplds4.so => /lib64/libplds4.so (0x000000000230c000)
libplc4.so => /lib64/libplc4.so (0x00000000010ad000)
libnspr4.so => /lib64/libnspr4.so (0x0000000002948000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00000000012b1000)
libdl.so.2 => /lib64/libdl.so.2 (0x00000000014cc000)
libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00007fcd9bdff000)
libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00007fcd9bbda000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fcd9b9d7000)
libc.so.6 => /lib64/libc.so.6 (0x00007fcd9b66b000)
libsoftokn3.so => /lib64/libsoftokn3.so (0x00007fcd9b431000)
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007fcd9b216000)
/lib64/ld-linux-x86-64.so.2 (0x0000000000110000)
libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00007fcd9b00e000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fcd9ae0b000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fcd9abf6000)
libsqlite3.so.0 => /usr/lib64/libsqlite3.so.0 (0x00007fcd9a987000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fcd9a74e000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fcd9a532000)
Let me know if there's anything else I can offer.
Thanks
Matt
More information about the Freeipa-devel
mailing list