[Freeipa-users] Ipa migration, from ui cannot change password
James James
jreg2k at gmail.com
Thu Sep 20 22:09:55 UTC 2012
Now, I can read the userPassword field (after the migration process) but I
still can't change my password from the ui. I just got :
kerberos ticket is no longer valid.
2012/9/20 James James <jreg2k at gmail.com>
> It will be fine to have this info in the doc.
>
>
> 2012/9/20 Rob Crittenden <rcritten at redhat.com>
>
>> Dmitri Pal wrote:
>>
>>> On 09/20/2012 01:42 PM, Rob Crittenden wrote:
>>>
>>>> James James wrote:
>>>>
>>>>> You 're right. The request return :
>>>>>
>>>>> Enter LDAP Password:
>>>>> # extended LDIF
>>>>> #
>>>>> # LDAPv3
>>>>> # base <cn=users,cn=accounts,dc=**example,dc=com> with scope subtree
>>>>> # filter: uid=test
>>>>> # requesting: userPassword
>>>>> #
>>>>>
>>>>> # test, users, accounts, example.com <http://example.com>
>>>>> dn: uid=test,cn=users,cn=accounts,**dc=example,dc=com
>>>>>
>>>>> # search result
>>>>> search: 2
>>>>> result: 0 Success
>>>>>
>>>>> Can you explain me what happens ?
>>>>>
>>>>> Is there a solution ?
>>>>>
>>>>
>>>> When migrating you need to bind as a user that has read permission on
>>>> the userPassword attribute in the remote LDAP server.
>>>>
>>>
>>> Rob should we check if we can read the userPassword attribute and if not
>>> fail migration?
>>> Should we open a ticket for this?
>>> Also I do not think we document the expectation that you vocalized above.
>>>
>>
>> I'll open a ticket to spell this out in the docs.
>>
>> Checking it in the command would be nice but I don't know about fatal.
>> Still, I'll open a ticket for that as well.
>>
>> rob
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120921/9b5f80cd/attachment.htm>
More information about the Freeipa-users
mailing list