If I perform a ldapsearch with IBMUSER it works If I perform same with my id that has the SPECIAL attribute I get this message in SYSLOG.
ICH408I USER(MYID ) GROUP(MYGROUP ) NAME(ME ) 383 LOGON/JOB INITIATION - PASS PHRASE IS NOT VALID We are not using password phrases. Does LDAP require it? Tim -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Donald J. Sent: Wednesday, 22 October, 2014 8:54 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: ldapchangepwd You are not supplying valid bind credentials. Suggest you get any ldapsearch to work first using TESTUSER's bind credentials. Then the password can be changed with just the addition of /newpwd after the current password on the ldapsearch. -- Donald J. dona...@4email.net On Wed, Oct 22, 2014, at 11:52 AM, Tim Brown wrote: > If I use > > sh /bin/ldapsearch -h 127.0.0.1 -p 389 -s base > -w oldpwd/newpwd > -D "racfid=TESTUSER,profiletype=user,sysplex=sysplex1" > "(objectclass=*)" ; > > > I get > > ldap_sasl_bind: Credentials are not valid > > ldap_sasl_bind: additional info: R000104 The password is not correct > or the user is not completely defined (missing password or uid) > (srv_authenticate_native > > > Tim > -----Original Message----- > From: IBM Mainframe Discussion List > [https://urldefense.proofpoint.com/v1/url?u=http://mailto:IBM-MAIN%40LISTSERV.UA.EDU&k=pCpgOv%2FKLW5dYRss05kLEw%3D%3D%0A&r=tQq0J85k4w4CeO1cI0sWanGhPyb3Fq7EC6ctgNHLxNs%3D%0A&m=Scr1WE%2BLEQqN8jqirNoad8Dd2fOlRSen92yxFgBRtzo%3D%0A&s=029d104f6db3b54d062a7183c4c2d3086bbc5e6923736cbdfb31282e9ce8abed] > On Behalf Of Donald J. > Sent: Wednesday, 22 October, 2014 7:58 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: ldapchangepwd > > -n show what would be done but don't actually search > > -n is not newpwd > > ldapsearch -h mvs7 -D racfid=jojo123,profiletype=user,cn=MVS7SUFF > -w oldpwd/newwd -s base -b "" objectclass=* > > This command should work from any platform. > The ldapchangpwd is probably mainframe only. > > -- > Donald J. > dona...@4email.net > > On Wed, Oct 22, 2014, at 04:23 AM, Tim Brown wrote: > > This gets a 0 but the password is still the old one > > > > sh /bin/ldapsearch -h 127.0.0.1 -p 389 -s base > > -w oldpwd > > -n oldpwd > > -D "racfid=TESTUSER,profiletype=user,sysplex=sysplex1" > > "(objectclass=*)" ; > > > > Tim > > > > -----Original Message----- > > From: IBM Mainframe Discussion List > > [https://urldefense.proofpoint.com/v1/url?u=http://mailto:IBM-MAIN%40LISTSERV.UA.EDU&k=pCpgOv%2FKLW5dYRss05kLEw%3D%3D%0A&r=tQq0J85k4w4CeO1cI0sWanGhPyb3Fq7EC6ctgNHLxNs%3D%0A&m=LvtsCzDNCf75euyc4fzn5EL5io%2BAybqG25QdZY9UXRM%3D%0A&s=834b9e0b9d05ee05e89e6f00605419e0203a44ff27e3c9f47248ecb9186369b2] > > On Behalf Of Donald J. > > Sent: Tuesday, 21 October, 2014 4:38 PM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: ldapchangepwd > > > > That would be your SUFFIX parameter value. > > > > -- > > Donald J. > > dona...@4email.net > > > > On Tue, Oct 21, 2014, at 01:30 PM, Tim Brown wrote: > > > Thanks , where is RACFSY7 referred to in DSCONFIG? > > > > > > -----Original Message----- > > > From: IBM Mainframe Discussion List > > > [https://urldefense.proofpoint.com/v1/url?u=http://mailto:IBM-MAIN%40LISTSERV.UA.EDU&k=pCpgOv%2FKLW5dYRss05kLEw%3D%3D%0A&r=tQq0J85k4w4CeO1cI0sWanGhPyb3Fq7EC6ctgNHLxNs%3D%0A&m=ZeARdsZMMXsaihBVF4w4otzQdqnzQnWZOfvpQ%2FfX%2FFY%3D%0A&s=05dc0b981d58253ccd44b3282c2354b893a58a1d3407a8fb674904a90e2a9cb2] > > > On Behalf Of Donald J. > > > Sent: Tuesday, 21 October, 2014 4:12 PM > > > To: IBM-MAIN@LISTSERV.UA.EDU > > > Subject: Re: ldapchangepwd > > > > > > This works for me: > > > > > > ldapsearch -h mvs7 -D racfid=jojo123,profiletype=user,cn=RACFSY7 > > > -w oldpwd/ oldpwd -s base -b "" objectclass=* > > > > > > -- > > > Donald J. > > > dona...@4email.net > > > > > > On Tue, Oct 21, 2014, at 07:58 AM, Tim Brown wrote: > > > > Attempting to use ldapchangepwd. Any idea what is causing error? > > > > > > > > ldapchangepwd -D "cn=TESTUSER,o=IBM,c=US" -w ? -n ? -h > > > > 127.0.0.1 -p > > > > 389 > > > > > > > > Enter current password ==> old > > > > Enter new password ==> new > > > > > > > > ldap_sasl_bind: Credentials are not valid > > > > ldap_sasl_bind: additional info: R004062 Credentials are not > > > > valid > > > > (ldbm_authenticate_user:252) > > > > > > > > Thanks, > > > > > > > > Tim Brown > > > > > > > > > > > > > > > > > > > > ---------------------------------------------------------------- > > > > -- > > > > -- > > > > -- For IBM-MAIN subscribe / signoff / archive access > > > > instructions, send email to lists...@listserv.ua.edu with the > > > > message: INFO IBM-MAIN > > > > > > -- > > > https://urldefense.proofpoint.com/v1/url?u=http://www.fastmail.fm/ > > > &k > > > =p > > > CpgOv%2FKLW5dYRss05kLEw%3D%3D%0A&r=tQq0J85k4w4CeO1cI0sWanGhPyb3Fq7 > > > EC > > > 6c > > > tgNHLxNs%3D%0A&m=ZLd7j94zTyQxa%2FVaBKKyHfxrRdjH%2FDYQ0OKhKqpVTKM%3 > > > D% > > > 0A > > > &s=c46847a5cd0a26892078bc3d6e22a0bf2d595a9220741a4c514743596b3c7c0 > > > f > > > - Send your email first class > > > > > > ------------------------------------------------------------------ > > > -- > > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO > > > IBM-MAIN > > > > > > ------------------------------------------------------------------ > > > -- > > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO > > > IBM-MAIN > > > > -- > > https://urldefense.proofpoint.com/v1/url?u=http://www.fastmail.fm/&k=pCpgOv%2FKLW5dYRss05kLEw%3D%3D%0A&r=tQq0J85k4w4CeO1cI0sWanGhPyb3Fq7EC6ctgNHLxNs%3D%0A&m=ZeARdsZMMXsaihBVF4w4otzQdqnzQnWZOfvpQ%2FfX%2FFY%3D%0A&s=55c4f8f8f3de4baea66c410bd628464608789b1d23bb7c45612bc8cf586295ad > > - Faster than the air-speed velocity of an > > unladen european swallow > > > > -------------------------------------------------------------------- > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO > > IBM-MAIN > > > > -------------------------------------------------------------------- > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO > > IBM-MAIN > > -- > https://urldefense.proofpoint.com/v1/url?u=http://www.fastmail.fm/&k=p > CpgOv%2FKLW5dYRss05kLEw%3D%3D%0A&r=tQq0J85k4w4CeO1cI0sWanGhPyb3Fq7EC6c > tgNHLxNs%3D%0A&m=LvtsCzDNCf75euyc4fzn5EL5io%2BAybqG25QdZY9UXRM%3D%0A&s > =d877b98c46adaefb7c5be86bb0f81f48d2d62a625bc4fd752772814962ca64f8 - > Email service worth paying for. Try it for free > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- https://urldefense.proofpoint.com/v1/url?u=http://www.fastmail.fm/&k=pCpgOv%2FKLW5dYRss05kLEw%3D%3D%0A&r=tQq0J85k4w4CeO1cI0sWanGhPyb3Fq7EC6ctgNHLxNs%3D%0A&m=Scr1WE%2BLEQqN8jqirNoad8Dd2fOlRSen92yxFgBRtzo%3D%0A&s=f7f14895bd1fdfd5ea2790830d7422b001d0f08e8313c0285e486e9e9a57ec1b - IMAP accessible web-mail ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
