[389-devel] Please review: #45: Fine Grained Password policy: if passwordHistory is on, deleting the password fails.

Noriko Hosoi nhosoi at redhat.com
Tue Apr 3 00:09:13 UTC 2012


https://fedorahosted.org/389/ticket/45

https://fedorahosted.org/389/attachment/ticket/45/0001-Trac-Ticket-45-Fine-Grained-Password-policy.patch

  Bug description: To allow replicating the unhashed password, an internal
  entry contains the key-value pair when the entry is newly added or
  the password is updated.  In that case, deleting the userpassword
  attribute leaves the unhashed password in the internal entry.
  If you attempt to add a new userpassword, the remaining unhashed
  password makes the attempt fail due to LDAP_TYPE_OR_VALUE_EXISTS.

  Fix description: This patch cleans up the unhashed password if a
  userpassword is deleted and the unhashed password is found in the
  internal entry.  If it does not exist, the deletion does nothing.
  (If the entry is read from the database, the unhashed password
  does not exist in the internal entry since it is not stored in
  the database.)



