[jira] Commented: (DIRSERVER-1143) ldappasswd fails to bind

Wed, 05 Mar 2008 06:21:02 -0800 

    [ 
https://issues.apache.org/jira/browse/DIRSERVER-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12575354#action_12575354
 ] 

Emmanuel Lecharny commented on DIRSERVER-1143:
----------------------------------------------

Testing the default server (default configuration), and trying to change the 
password using ldappasswd, here is what I get :

$ ldappasswd -x -D 'uid=admin,ou=system' -h localhost -p 10389 -s test -w secret
Result: Protocol error (2)
Additional info: Unrecognized extended operation EXTENSION_OID: 
1.3.6.1.4.1.4203.1.11.1

This is pretty clear we don't support this extended request.

We do have some changepw layer, directly connected to the kerberos stack, but 
it's a different beast.

We have to dig this issue, I think this is on our roadmap, or if it's not, it 
might be added.

This is described in RFC 3062.

> ldappasswd fails to bind
> ------------------------
>
>                 Key: DIRSERVER-1143
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1143
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 1.5.1
>         Environment: apacheds-server-1.5.1-x86_64.rpm on RHEL5
>            Reporter: Martin Schuster
>
> # ldappasswd -a foobar -x -D 'uid=admin,ou=system'
> ldap_bind: Invalid credentials (49)
>         additional info: Bind failed: null
> and the logfile says:
> INFO   | jvm 1    | 2008/03/05 14:44:43 | [14:44:43] INFO 
> [org.apache.directory.server.core.authn.SimpleAuthenticator] - Password not 
> correct for user 'uid=admin,ou=system'
> INFO   | jvm 1    | 2008/03/05 14:44:43 | [14:44:43] INFO 
> [org.apache.directory.server.core.authn.AuthenticationService] - 
> Authenticator class 
> org.apache.directory.server.core.authn.SimpleAuthenticator failed to 
> authenticate uid=admin,ou=system
> INFO   | jvm 1    | 2008/03/05 14:44:43 | [14:44:43] INFO 
> [org.apache.directory.server.core.authn.AuthenticationService] - Cannot bind 
> to the server 
> but the password is correct, using it with e.g. ldapsearch or 
> ApacheDirectoryStudio works.
> The same problem occurs with a test-user, it's not specific to uid=admin
> Emmanuel Lécharny said in a mail to [EMAIL PROTECTED]:
> > The ldappasswd is using an extended request, described by RFC 3062.
> > I _think_ we support this RFC, but it may be buggy

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to