Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora Directory (http://www.linux-archive.org/fedora-directory/)
-   -   (Insufficient 'write' privileges to the 'userPassword') when executing passwd change (http://www.linux-archive.org/fedora-directory/491255-insufficient-write-privileges-userpassword-when-executing-passwd-change.html)

"Beamon, John" 02-18-2011 06:28 PM

(Insufficient 'write' privileges to the 'userPassword') when executing passwd change
 
As mentioned, I zeroed out the access log, executed one operation, and saw nothing but srch and result and bind operations in the access log.¬* I don‚Äôt find a modify or a write warning, and the error log is empty.
¬*
¬*
From: Rich Megginson [mailto:rmeggins@redhat.com]
Sent: Friday, February 18, 2011 1:44 PM
To: General discussion list for the 389 Directory server project.
Cc: Beamon, John
Subject: Re: [389-users] (Insufficient 'write' privileges to the 'userPassword') when executing passwd change
¬*
On 02/18/2011 11:18 AM, Beamon, John wrote:
This is a new install, straight from the docs with 4 boxes in an MMR setup.¬* Attempting a password change from a Linux command line, I get this feedback.¬*¬*$ passwdChanging password for user jbeamon.Enter login(LDAP) password:New UNIX password:Retype new UNIX password:LDAP password information update failed: Insufficient accessInsufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=jbeamon,ou=people,dc=example,dc=com'.¬*passwd : Permission denied¬*¬*I zeroed out the access and error logs in advance.¬* The error log was empty; the access log was nothing but SRCH, BIND, and RESULT entries for my account.¬* Nothing about access problems or attempted modifies.¬*A web search for this error message revealed one conversation in Jan 2009 that ended with "I fixed my aci and the problem went away".¬* I haven't knowingly changed any acis since install.¬* At the global level, user may change password.¬* At the userRoot suffix level, user can change password and fine-grained policy is enabled.¬* A password reset by directory manager succeeds and replicates around.¬* Does anyone else recognize this?Look for this sequence of operations in your directory server access log.


¬*-j¬*¬*--389 users mailing list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users¬*
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users


All times are GMT. The time now is 10:48 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.