Unless I'm interpreting the man pages, and documentation wrong there seems to be some issues with the dsidm utility. Perhaps I'm doing something wrong?
This works.
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com account get-by-dn uid=mstarlingt,ou=People,dc=mydomain,dc=com
dn: uid=mstarlingt,ou=People,dc=mydomain,dc=com
cn: Mike Starling
gecos: Mike Starling test account
gidNumber: 100
givenName: Mike
homeDirectory: /home/mstarlingt
loginShell: /bin/ksh
mail: mstarling@mydomain.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
shadowExpire: 99999
shadowLastChange: 18857
shadowMax: 33
shadowWarning: 1
sn: Starling
uid: mstarlingt
uidNumber: 25574
#Password reset works
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com account reset_password "uid=mstarlingt,ou=People,dc=mydomain,dc=com"
Enter new password for uid=mstarlingt,ou=People,dc=mydomain,dc=com :
CONFIRM - Enter new password for uid=mstarlingt,ou=People,dc=mydomain,dc=com :
reset password for uid=mstarlingt,ou=People,dc=mydomain,dc=com
#Unable to lock the account.
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com account lock uid=mstarlingt
Error: No such object
I consult the help which says to specify the dn
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com account lock -h
usage: dsidm instance account lock [-h] [dn]
positional arguments:
dn The dn to lock
optional arguments:
-h, --help show this help message and exit
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com account lock uid=mstarlingt,ou=People,dc=mydomain,dc=com
Error: search_ext() argument 1 must be str, not None
I think this is a known bug (which was fixed). What version of python-lib389 is installed?
Thanks Mark.
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com account lock "uid=mstarlingt,ou=People,dc=mydomain,dc=com"
Error: search_ext() argument 1 must be str, not None
dsidm -W -D cn=manager -Z ldaps://labdsa101.athenahealth.com -b dc=mydomain,dc=com account lock "uid=mstarlingt"
I tried changing the base to the People OU where the account lives
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b ou=People,dc=mydomain,dc=com account lock "uid=mstarlingt,ou=People,dc=mydomain,dc=com"
Error: search_ext() argument 1 must be str, not None
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com user get
Enter uid to retrieve : mstarlingt
Error: No object exists given the filter criteria mstarlingt
What is in the access log?
Here's what I see in the logs.
Thanks,
Mark
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com user get
Enter uid to retrieve : uid=mstarlingt,ou=People,dc=mydomain,dc=com
Error: No object exists given the filter criteria uid=mstarlingt,ou=People,dc=mydomain,dc=com
dsidm -W -D cn=manager -Z ldaps://labdsa101.mydomain.com -b dc=mydomain,dc=com user get
Enter uid to retrieve : uid=mstarlingt
Error: No object exists given the filter criteria uid=mstarlingt
_______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
-- Directory Server Development Team