[389-users] add user aci problem
Mark Reynolds
mareynol at redhat.com
Mon Nov 10 19:10:39 UTC 2014
On 11/10/2014 12:22 PM, Alberto Viana wrote:
> 389-Directory/1.3.2.17 <http://1.3.2.17> B2014.182.124
>
>
> I'm trying to add an user (whitout using the manager, with a regular
> user):
>
> Without any aci:
>
> ldap_add: Insufficient access (50)
> additional info: Insufficient 'add' privilege to the 'userPassword'
> attribute
>
>
> My aci:
>
> dn: ou=test,dc=my,dc=domain
> changetype: modify
> add: aci
> aci: (targetattr = "*") (target = "ldap:///test,dc=my,dc=domain")
> (version 3.0;acl "POP-AL write permission";allow (all) (userdn =
> "ldap:///uid=my_user,ou=app,dc=my,dc=domain");)
>
> Also tried without "target" with same result.
>
> ldap_add: Constraint violation (19)
> additional info: invalid password syntax - passwords with storage
> scheme are not allowed
Hi Alberto
Only a Password Administrator or the root dn(cn=directory manager) can
add prehashed passwords. Please see this doc for more info:
http://www.port389.org/docs/389ds/design/password-administrator.html
Regards,
Mark
>
>
> I have an older server 389-Directory/1.3.2.17 <http://1.3.2.17>
> B2014.182.124, and this works fine.
> What am I missing in the newer version? Or is that a bug?
>
> Thanks
>
> Alberto Viana
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20141110/4010285a/attachment.html>
More information about the 389-users
mailing list