your SSL cert or your DNS is bad. TLS requires full forward and revers
lookup of the C name for the host to match one of the host names in
the SSL cert.
On Wed, Jan 22, 2014 at 3:08 PM, Chaudhari, Rohit K.
I'm not using kerberos. The other suggestion about using
to the error:
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
Additional info: TLS: hostname does not match CN in peer certificate
Is there a way to create a JNDI equivalent command so that I could add a
checkbox to a Java GUI that basically toggles the "force password change
after reset" checkbox built into the password policy in 389?
On 1/22/14 10:49 AM, "Paul Robert Marino" <prmarino1(a)gmail.com> wrote:
>sorry thats not possible.
>If you are using Kerberos then you can do it via the kadmin command.
>If not then you have to use one of several other tools like the admin
>console or ldapmodify for example.
>On Wed, Jan 22, 2014 at 9:06 AM, Chaudhari, Rohit K.
>> I need to be able to reset a LDAP user's password if they forget it
>> user root. But when I try the "passwd" command as root for a LDAP
>> get the following:
>> (as root)
>> passwd tuser
>> Changing password for user tuser.
>> Password reset by root is not supported.
>> passwd: Authentication token manipulation error.
>> I am using sssd as the LDAP authentication mechanism tool, to be
>> Does anyone have a solution to dealing with this issue of resetting a
>> user's password if they forgot it?
>> From: <Chaudhari>, "Rohit K. Chaudhari"
>> Date: Tuesday, January 21, 2014 3:29 PM
>> To: "General discussion list for the 389 Directory server project."
>> Subject: using passwd with 389
>> I want to be able to use the Unix "passwd" command to reset a LDAP
>> password from the command line. However, I keep getting an
>> token manipulation error whenever I try to reset the password using that
>> command. What do I need to do in the 389 DS or on Unix in order to get
>> command to work?
>> 389 users mailing list
>389 users mailing list
389 users mailing list