[Freeipa-users] question about password migration from ldap
David Lin
linhai88 at stanford.edu
Thu May 28 09:47:07 UTC 2015
Hi,
I am try to migrate from openldap to freeipa. Everything seems to be
working except the password. I understand that when migrating from
openldap, the hashed form the the passwords are migrated, but a Kerberos
hash is not generated until the user logs in using sssd or through the
ipa/migration web ui. However, the users are not able to login in
either form using their existing password, from the directory server
log, the only weird thing I see is
[28/May/2015:02:40:04 -0700] conn=112 op=0 RESULT err=0 tag=120
nentries=0 etime=0
[28/May/2015:02:40:04 -0700] conn=112 TLS1.0 128-bit AES
[28/May/2015:02:40:04 -0700] conn=112 op=1 BIND
dn="uid=[user_name_here],cn=users,cn=accounts,dc=[omitted],dc=[omitted],dc=[omitted]"
method=128 version=3
[28/May/2015:02:40:04 -0700] conn=112 op=1 RESULT err=48 tag=97
nentries=0 etime=0
[28/May/2015:02:40:04 -0700] conn=112 op=2 UNBIND
[28/May/2015:02:40:04 -0700] conn=112 op=2 fd=90 closed - U1
What does err=48 mean?
I do have
ipa config-mod --enable-migration=TRUE
Thanks,
David
More information about the Freeipa-users
mailing list