[Freeipa-users] Ipa migration, from ui cannot change password
Rob Crittenden
rcritten at redhat.com
Thu Sep 20 17:42:32 UTC 2012
James James wrote:
> You 're right. The request return :
>
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <cn=users,cn=accounts,dc=example,dc=com> with scope subtree
> # filter: uid=test
> # requesting: userPassword
> #
>
> # test, users, accounts, example.com <http://example.com>
> dn: uid=test,cn=users,cn=accounts,dc=example,dc=com
>
> # search result
> search: 2
> result: 0 Success
>
> Can you explain me what happens ?
>
> Is there a solution ?
When migrating you need to bind as a user that has read permission on
the userPassword attribute in the remote LDAP server.
rob
>
>
>
>
> 2012/9/20 Rob Crittenden <rcritten at redhat.com <mailto:rcritten at redhat.com>>
>
> Dmitri Pal wrote:
>
> On 09/20/2012 12:50 PM, James James wrote:
>
> Oups .. migration mode is enable ...
>
>
> The ldap (access, error) and kerberos logs from the server would be
> helpful to troubleshoot.
> /var/log/dirsrv/...
> krb5kdc.log
>
>
> This is usually seen when there is no password in LDAP.
>
> You can confirm this as Directory Manager:
>
> $ ldapsearch -x -D 'cn=Directory Manager' -W password -b
> cn=users,cn=accounts,dc=__example,dc=com uid=migrated_user userPassword
>
> rob
>
>
More information about the Freeipa-users
mailing list