You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Kiran Ayyagari (JIRA)" <ji...@apache.org> on 2010/08/19 20:13:18 UTC
[jira] Commented: (DIRSERVER-1543) Password Policy forbid to import
entries with a non clear text password
[ https://issues.apache.org/jira/browse/DIRSERVER-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12900382#action_12900382 ]
Kiran Ayyagari commented on DIRSERVER-1543:
-------------------------------------------
The attribute 'pwdCheckQuality' when set to '2' (this is the default in our default ppolicy) refuses to accept any non-clear text passwords.
Setting this value to 1 will accept the hashed passwords.
> Password Policy forbid to import entries with a non clear text password
> -----------------------------------------------------------------------
>
> Key: DIRSERVER-1543
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1543
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 2.0.0-RC1
> Reporter: Emmanuel Lecharny
> Priority: Critical
> Fix For: 2.0.0-RC1
>
>
> If we try to import a LDIF file containing entries with an encrypted password, we get a failure :
> #!RESULT ERROR
> #!CONNECTION ldap://iktek:10389
> #!DATE 2010-08-19T16:33:01.575
> #!ERROR [LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for Add Request : Entry dn[n]: uid=elecharny,ou=People,dc=iktek,dc=com objectClass: organizationalPerson objectClass: person objectClass: inetOrgPerson objectClass: top uid: elecharny mail: elecharny@apache.org sn: Lecharny userPassword: '0x7B 0x53 0x53 0x48 0x41 0x7D 0x72 0x32 0x56 0x4C 0x75 0x55 0x52 0x6C 0x75 0x46 ...' cn: Emmanuel Lecharny givenName: Emmanuel : cannot verify the quality of the non-cleartext passwords]
> dn: uid=elcharny,ou=People,dc=iktek,dc=com
> changetype: add
> objectClass: organizationalPerson
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: top
> mail: elecharny@apache.org
> givenName: Emmanuel
> uid: seelmann
> userPassword: {SSHA}wnfS3DVTFB/FVbBwC47WfQNn29WN/.....
> sn: Lecharny
> cn: Emmanuel lecharny
> Seems like we should disable the password policy when it's not plain text...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.