Thanks for the tip. Everything seems OK in that area.
I put the LTB code on a debugger and determined that I’m getting an LDAP error
50 from the AD server (Win2KR2) when this happens, and furthermore, it only
happens when the user trying to change their password is a Domain Admin. I
think this particular error means the user trying to change the password has
insufficient privileges to make the change. Seems to work fine with the other
users as far as I can tell. This must be some Microsoft update that subtly
changed something somewhere.
Very odd….
Gray
Gray McCord
Adapt, Mutate, Migrate, or Die
-C. Darwin
From: <[email protected]> on behalf of Scott Owen
<[email protected]>
Reply-To: "General discussions and help for Ldap Tool Box (LTB) - Start here!"
<[email protected]>
Date: Tuesday, October 18, 2016 at 4:54 PM
To: "General discussions and help for Ldap Tool Box (LTB) - Start here!"
<[email protected]>
Subject: Re: [Ltb-users] Problem with reset by token
Check for group membership requirements in your LDAP setup in the ssp config.
On Tuesday, October 18, 2016, Gray McCord <[email protected]> wrote:
I have been using ltb self-service password with an AD LDAP server for several
years with no problems. Today, one of my users told me that he could not use
the send token method to reset his password. He gets the email with a proper
link and the page shows up as expected prompting him for a new password with
his proper username displayed. However, when he submits his new password, he
gets a “password was refused by the LDAP directory” error message. I verified
this and also determined that the regular password change form has the same
behavior. As I said, this has not been a problem for the 3 years I’ve been
using the program. To make this even more interesting, some users do not have
this problem and can successfully set and change their passwords.
First, has anyone seen this kind of thing, and what exactly does that
particular error message mean? (I get what it means; I want to know what
behavior triggers the message) Second, can anyone provide any tips on how I
might go about troubleshooting this?
Thanks!
Gray
Gray McCord
Adapt, Mutate, Migrate, or Die
-C. Darwin
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean. _______________________________________________ ltb-users
mailing list [email protected]
http://lists.ltb-project.org/listinfo/ltb-users
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
ltb-users mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-users
