[Fedora-directory-users] userPassword is base64 encoded
Andreas Hasenack
ahasenack at terra.com.br
Wed Jun 8 01:30:42 UTC 2005
Em Terça 07 Junho 2005 21:58, Sævaldur Gunnarsson escreveu:
> I posted the following on the samba-users mailing list:
> --
>
> I'm switching from OpenLDAP to the newly released Fedora Directory
> Server (formely known as the Netscape Directory Server) as a LDAP
> backend for my Samba domain.
>
> I'm now faced with a problem regarding how Fedora DS handles the
> userPassword field.
> Unlike OpenLDAP it encodes it in base64 so instead of reading
> userPassword: {SSHA}8FZY4LdYi1f1oA5YgDw/+h/Rmy0mEeyO
> it reads:
> userPassword:: e1NTSEF9OEZaWTRMZFlpMWYxb0E1WWdEdy8raC9SbXkwbUVleU8=
That shouldn't pose a problem by itself. Note the double colons (::),
indicating that this is base64.
> [2005/06/07 19:27:45, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1731)
> ldapsam_update_sam_account: failed to modify user with uid = gg,
> error: Current passwd must be supplied by the user.
> (Success)
Samba binds to the DS as the admin server and then just attempts to overwrite
the userPassword attribute (I assume you have ldap sync turned on). It seems
DS doesn't like it: it requires the current password first. Perhaps there is
some configuration change that can help.
More information about the 389-users
mailing list