On 11/13/2014 07:26 AM, Mark Reynolds wrote:
On 11/13/2014 07:22 AM, Alberto Viana wrote:
> Mark,
>
> It works, but when I do a ldapserch to this entry, it shows me that:
>
> passwordAdminDN:: C9cq90J/
>
> Is the expected behavior?
Hi Alberto,
Yeah this is a known bug (the value is being base64 encoded), but the
feature should still work correctly though.
Regards,
Mark
What is the value supposed to be? A human readable DN?
$ python
>> import base64
>> base64.b64decode('C9cq90J/')
'\x0b\xd7*\xf7B\x7f'
That doesn't look like a DN - it looks like random bytes.
>
> I put a group on it. In 389-console show even more strange characters :)
>
> Thanks
>
> On Mon, Nov 10, 2014 at 5:10 PM, Mark Reynolds <mareynol(a)redhat.com
> <mailto:mareynol@redhat.com>> wrote:
>
>
> On 11/10/2014 12:22 PM, Alberto Viana wrote:
>> 389-Directory/1.3.2.17 <
http://1.3.2.17> B2014.182.124
>>
>>
>> I'm trying to add an user (whitout using the manager, with a
>> regular user):
>>
>> Without any aci:
>>
>> ldap_add: Insufficient access (50)
>> additional info: Insufficient 'add' privilege to the
>> 'userPassword' attribute
>>
>>
>> My aci:
>>
>> dn: ou=test,dc=my,dc=domain
>> changetype: modify
>> add: aci
>> aci: (targetattr = "*") (target =
>> "ldap:///test,dc=my,dc=domain") (version 3.0;acl "POP-AL
write
>> permission";allow (all) (userdn =
>> "ldap:///uid=my_user,ou=app,dc=my,dc=domain");)
>>
>> Also tried without "target" with same result.
>>
>> ldap_add: Constraint violation (19)
>> additional info: invalid password syntax - passwords with
>> storage scheme are not allowed
> Hi Alberto
>
> Only a Password Administrator or the root dn(cn=directory
> manager) can add prehashed passwords. Please see this doc for
> more info:
>
>
http://www.port389.org/docs/389ds/design/password-administrator.html
>
> Regards,
> Mark
>>
>>
>> I have an older server 389-Directory/1.3.2.17 <
http://1.3.2.17>
>> B2014.182.124, and this works fine.
>> What am I missing in the newer version? Or is that a bug?
>>
>> Thanks
>>
>> Alberto Viana
>>
>>
>>
>> --
>> 389 users mailing list
>> 389-users(a)lists.fedoraproject.org
<mailto:389-users@lists.fedoraproject.org>
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
>
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users