FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 05-05-2011, 09:55 PM
Diego Woitasen
 
Default Bug in console?

On Thu, May 5, 2011 at 6:40 PM, Rich Megginson <rmeggins@redhat.com> wrote:







On 05/05/2011 03:38 PM, Diego Woitasen wrote:
Hi,
*I have 389 DS working with Window Sync against Windows 2003.
It works fine, including the password replication. Anyway I
found that (obviusly) the password replication from 389 to AD
works only if the client changes the password using "Password
Modify (RFC 3062) extended operation". This works with the
Python module or the ldappasswd utility.



*The problem is the Admin Console. When you changes the
user's password from the console, I see a MOD operation in the
log file, and obviusly the password is not replicated to AD.

As long as the new password sent to the server is clear text, it
should not matter if you use a regular LDAP modify or the password
change extop.





*Shall I file a bug report or Am I missing something?



Regards,
*Diego


--

Diego Woitasen



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users






Ok. I haven't looked at the code of the console because I don't program in Java. I couldn't see the traffic because I use TLS/SSL.
If the replication doesn't work when I change the password from the 389 Admin Console, I think that the password is not in clear text on the modify operation.

Regards,*Diego
--
Diego Woitasen


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-05-2011, 09:58 PM
Rich Megginson
 
Default Bug in console?

On 05/05/2011 03:55 PM, Diego Woitasen wrote:




On Thu, May 5, 2011 at 6:40 PM, Rich
Megginson <rmeggins@redhat.com>
wrote:



On 05/05/2011 03:38 PM, Diego Woitasen
wrote:
Hi,
*I have 389 DS working with Window Sync against
Windows 2003. It works fine, including the password
replication. Anyway I found that (obviusly) the
password replication from 389 to AD works only if the
client changes the password using "Password Modify
(RFC 3062) extended operation". This works with the
Python module or the ldappasswd utility.



*The problem is the Admin Console. When you changes
the user's password from the console, I see a MOD
operation in the log file, and obviusly the password
is not replicated to AD.


As long as the new password sent to the server is clear
text, it should not matter if you use a regular LDAP modify
or the password change extop.






*Shall I file a bug report or Am I missing
something?



Regards,
*Diego


--

Diego Woitasen




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users








Ok. I haven't looked at the code of the console because I don't
program in Java. I couldn't see the traffic because I use TLS/SSL.



If the replication doesn't work when I change the password
from the 389 Admin Console, I think that the password is not in
clear text on the modify operation.

Either that, or the console is doing a modify delete followed by a
modify add.* This type of userPassword operation is not replicated.*
This bug is fixed in 1.2.8.3 now in testing.





Regards,
*Diego


--

Diego Woitasen




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 07:11 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org