<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 11/13/2014 07:26 AM, Mark Reynolds
wrote:<br>
</div>
<blockquote cite="mid:5464BF8D.2010901@redhat.com" type="cite">
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<br>
<div class="moz-cite-prefix">On 11/13/2014 07:22 AM, Alberto Viana
wrote:<br>
</div>
<blockquote
cite="mid:CAD5whWcSxsJkcS-jjjE+58zUmLHpvaxBrz9KBgHwf54Dn2=1Kw@mail.gmail.com"
type="cite">
<div dir="ltr">Mark,
<div><br>
</div>
<div>It works, but when I do a ldapserch to this entry, it
shows me that:</div>
<div><br>
</div>
<div>passwordAdminDN:: C9cq90J/<br>
</div>
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">Is the expected behavior?</div>
</div>
</blockquote>
Hi Alberto,<br>
<br>
Yeah this is a known bug (the value is being base64 encoded), but
the feature should still work correctly though.<br>
<br>
Regards,<br>
Mark<br>
</blockquote>
<br>
What is the value supposed to be? A human readable DN?<br>
<br>
$ python<br>
>>> import base64<br>
>>> base64.b64decode('C9cq90J/')<br>
'\x0b\xd7*\xf7B\x7f'<br>
<br>
That doesn't look like a DN - it looks like random bytes.<br>
<br>
<blockquote cite="mid:5464BF8D.2010901@redhat.com" type="cite">
<blockquote
cite="mid:CAD5whWcSxsJkcS-jjjE+58zUmLHpvaxBrz9KBgHwf54Dn2=1Kw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">I put a group on it. In 389-console
show even more strange characters :)</div>
<div class="gmail_extra"><br>
</div>
<div class="gmail_extra">Thanks</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, Nov 10, 2014 at 5:10 PM,
Mark Reynolds <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:mareynol@redhat.com" target="_blank">mareynol@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class=""> <br>
<div>On 11/10/2014 12:22 PM, Alberto Viana wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>
<div>389-Directory/<a moz-do-not-send="true"
href="http://1.3.2.17" target="_blank">1.3.2.17</a>
B2014.182.124</div>
</div>
<div><br>
</div>
<div><br>
</div>
I'm trying to add an user (whitout using the
manager, with a regular user):
<div>
<div><br>
</div>
<div>Without any aci:</div>
<div><br>
</div>
<div>
<div>ldap_add: Insufficient access (50)</div>
<div><span style="white-space:pre-wrap"> </span>additional
info: Insufficient 'add' privilege to the
'userPassword' attribute</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div>My aci:</div>
<div><br>
</div>
<div>
<div>dn: ou=test,dc=my,dc=domain</div>
<div>changetype: modify</div>
<div>add: aci</div>
<div>aci: (targetattr = "*") (target = <a
moz-do-not-send="true">"ldap:///test,dc=my,dc=domain"</a>)
(version 3.0;acl "POP-AL write
permission";allow (all) (userdn = <a
moz-do-not-send="true">"ldap:///uid=my_user,ou=app,dc=my,dc=domain"</a>);)</div>
<div><br>
</div>
<div>Also tried without "target" with same
result.</div>
</div>
<div><br>
</div>
<div>
<div>ldap_add: Constraint violation (19)</div>
<div><span style="white-space:pre-wrap"> </span>additional
info: invalid password syntax - passwords
with storage scheme are not allowed</div>
</div>
</div>
</div>
</blockquote>
</span> Hi Alberto<br>
<br>
Only a Password Administrator or the root
dn(cn=directory manager) can add prehashed passwords.
Please see this doc for more info:<br>
<br>
<a moz-do-not-send="true"
href="http://www.port389.org/docs/389ds/design/password-administrator.html"
target="_blank">http://www.port389.org/docs/389ds/design/password-administrator.html</a><br>
<br>
Regards,<br>
Mark<br>
<blockquote type="cite"><span class="">
<div dir="ltr">
<div>
<div><br>
</div>
<div><br>
</div>
<div>I have an older server 389-Directory/<a
moz-do-not-send="true"
href="http://1.3.2.17" target="_blank">1.3.2.17</a>
B2014.182.124, and this works fine.</div>
<div>What am I missing in the newer version?
Or is that a bug?</div>
<div><br>
</div>
<div>Thanks</div>
<div><br>
</div>
<div>Alberto Viana</div>
<div><br>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</span><span class=""><font color="#888888">
<pre>--
389 users mailing list
<a moz-do-not-send="true" href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a>
<a moz-do-not-send="true" href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</font></span></blockquote>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">--
389 users mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://admin.fedoraproject.org/mailman/listinfo/389-users">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">--
389 users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a>
<a class="moz-txt-link-freetext" href="https://admin.fedoraproject.org/mailman/listinfo/389-users">https://admin.fedoraproject.org/mailman/listinfo/389-users</a></pre>
</blockquote>
<br>
</body>
</html>