On Mon, 2017-02-13 at 12:51 +0200, Todor Petkov wrote:
On Mon, Feb 13, 2017 at 1:26 AM, William Brown
<wibrown(a)redhat.com> wrote:
> Do you mind posting the ldif? Have you tried using ldapadd -f <your
> ldif> to the server to see what that says.
>
> This is likely that some part of schema is being violated, so should be
> easy to resolve :)
Hello,
seems if I give the password as:
userpassword: {SSHA}47l/wCYK8N0DgyKl9Ax+QDQGPMbkOHJa3daALw==
It gives and error, but:
userpassword: cleartextpass
Unless you have nsslapd-allow-hashed-passwords: on (cn=config), you can
not provide a pre-hashed password in an ldapadd/modify operation.
I would advise that setting the cleartextpass and letting DS do the hash
and store is a better procedure, but it's up to you. If you want to
pre-create the password with pwdhash, and set allow hashed passwords, go
for it.
Hope that helps.
--
Sincerely,
William Brown
Software Engineer
Red Hat, Brisbane