You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by David Filip <df...@colornet.com> on 2021/04/05 13:59:40 UTC
[ApacheDS] Changing Admin Pwd w/Directory Studio
Just installed a fresh copy of ApacheDS on Linux (2.0.0.AM26), and a fresh copy of Directory Studio on Mac (2.0.0.v20210213-M16).
Trying to follow Basic User Guide -- which appears to be slightly out-of-date based on the screen shots -- but I haven't been able to get past resetting the admin password from Directory Studio.
When I try, I receive the following error if I provide any password/method other then seceret/plain for uid=admn, ou=system:
org.apache.directory.studio.connection.core.io.StudioLdapException: [LDAP result code 16 - noSuchAttribute] NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
Message ID : 26
Modify Request
Object : 'uid=admin,ou=system'
Modifications :
Modification[0]
Operation : delete
Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
Modification[1]
Operation : add
Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
: ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
DESC 'RFC2256/2307: password of user'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
USAGE userApplications )
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.toStudioLdapException(DirectoryApiConnectionWrapper.java:1356)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$4(DirectoryApiConnectionWrapper.java:1348)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:752)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1265)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkConnectionAndRunAndMonitor(DirectoryApiConnectionWrapper.java:1210)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.modifyEntry(DirectoryApiConnectionWrapper.java:764)
at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdifRecord(ImportLdifRunnable.java:503)
at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdif(ImportLdifRunnable.java:272)
at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.executeLdif(ExecuteLdifRunnable.java:157)
at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.run(ExecuteLdifRunnable.java:123)
at org.apache.directory.studio.ldapbrowser.core.jobs.UpdateEntryRunnable.run(UpdateEntryRunnable.java:59)
at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:129)
at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
Caused by: org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException: NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
Message ID : 26
Modify Request
Object : 'uid=admin,ou=system'
Modifications :
Modification[0]
Operation : delete
Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
Modification[1]
Operation : add
Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
: ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
DESC 'RFC2256/2307: password of user'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
USAGE userApplications )
at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2031)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkResponse(DirectoryApiConnectionWrapper.java:1343)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$12(DirectoryApiConnectionWrapper.java:1339)
at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:748)
... 10 more
Obviously, userPassword is an existing attribute, so I'm not sure why I'm receiving this error. Since this is a refresh install, I'm wondering if this is a known issue, or if there is anything obvious that I need to check?
I get this same error either connecting to my Linux ActiveDS from Directory Studio running on my Mac, or starting and connecting to a local LDAP server on my Mac. My eventual goal is running the directory server on Linux, and using Directory Studio on my Mac, since my Linux server is headless. But again, even starting and connecting to a local ActiveDS on my Mac from Studio causes the same problem.
I was able to create a new partition, so it appears that I have write access to the server, and I am able to authenticate using the default 'secret' password. I just can't change the password through Studio.
Any ideas?
Thanks,
Dave
Re: [ApacheDS] Changing Admin Pwd w/Directory Studio
Posted by David Filip <df...@colornet.com>.
Stefan,
OK, thanks for the explanation!
However, if I add another user to another partition (e.g., I just manually created and entry for uid=foobar, o=sevenSeas), I can change the password through Studio.
So it is perhaps some special processing with uid=admin, since it (presumably) always has to have a password (?), so perhaps ... just guessing here ... the delete is failing? Again, just guessing, since I'm not sure why I can use Studio to change other (non-admin) user passwords.
Anyway, worst case, I can edit the LDIF file. I just thought it was odd to run into this, especially after a fresh install.
Regards,
Dave.
> On Apr 5, 2021, at 10:17 AM, Stefan Seelmann <ma...@stefan-seelmann.de> wrote:
>
> This has to do with a recent change in Studio where we don't send a
> "replace" operation but a "delete+add" operation.
>
> However I don't understand why the server doesn't find the the existing
> userPassword attribute.
>
> I'd suggest to use the "Password Modify" extended operation instead of
> editing the userPassword directly [2]:
> * Right-click the entry in the LDAP browser view
> * Select "Extended Operations" -> "Password Modify"
>
> I'll update the documentation page.
>
> Kind Regards,
> Stefan
>
> [1] https://issues.apache.org/jira/browse/DIRSTUDIO-744
> [2]
> https://issues.apache.org/jira/browse/DIRSTUDIO-648?focusedCommentId=17070455&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17070455
>
>
>
> On 4/5/21 3:59 PM, David Filip wrote:
>> Just installed a fresh copy of ApacheDS on Linux (2.0.0.AM26), and a fresh copy of Directory Studio on Mac (2.0.0.v20210213-M16).
>>
>> Trying to follow Basic User Guide -- which appears to be slightly out-of-date based on the screen shots -- but I haven't been able to get past resetting the admin password from Directory Studio.
>>
>> When I try, I receive the following error if I provide any password/method other then seceret/plain for uid=admn, ou=system:
>>
>> org.apache.directory.studio.connection.core.io.StudioLdapException: [LDAP result code 16 - noSuchAttribute] NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
>> Message ID : 26
>> Modify Request
>> Object : 'uid=admin,ou=system'
>> Modifications :
>> Modification[0]
>> Operation : delete
>> Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
>> Modification[1]
>> Operation : add
>> Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
>> : ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
>> DESC 'RFC2256/2307: password of user'
>> EQUALITY octetStringMatch
>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>> USAGE userApplications )
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.toStudioLdapException(DirectoryApiConnectionWrapper.java:1356)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$4(DirectoryApiConnectionWrapper.java:1348)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:752)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1265)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkConnectionAndRunAndMonitor(DirectoryApiConnectionWrapper.java:1210)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.modifyEntry(DirectoryApiConnectionWrapper.java:764)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdifRecord(ImportLdifRunnable.java:503)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdif(ImportLdifRunnable.java:272)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.executeLdif(ExecuteLdifRunnable.java:157)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.run(ExecuteLdifRunnable.java:123)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.UpdateEntryRunnable.run(UpdateEntryRunnable.java:59)
>> at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:129)
>> at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
>> Caused by: org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException: NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
>> Message ID : 26
>> Modify Request
>> Object : 'uid=admin,ou=system'
>> Modifications :
>> Modification[0]
>> Operation : delete
>> Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
>> Modification[1]
>> Operation : add
>> Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
>> : ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
>> DESC 'RFC2256/2307: password of user'
>> EQUALITY octetStringMatch
>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>> USAGE userApplications )
>> at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2031)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkResponse(DirectoryApiConnectionWrapper.java:1343)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$12(DirectoryApiConnectionWrapper.java:1339)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:748)
>> ... 10 more
>>
>>
>> Obviously, userPassword is an existing attribute, so I'm not sure why I'm receiving this error. Since this is a refresh install, I'm wondering if this is a known issue, or if there is anything obvious that I need to check?
>>
>> I get this same error either connecting to my Linux ActiveDS from Directory Studio running on my Mac, or starting and connecting to a local LDAP server on my Mac. My eventual goal is running the directory server on Linux, and using Directory Studio on my Mac, since my Linux server is headless. But again, even starting and connecting to a local ActiveDS on my Mac from Studio causes the same problem.
>>
>> I was able to create a new partition, so it appears that I have write access to the server, and I am able to authenticate using the default 'secret' password. I just can't change the password through Studio.
>>
>> Any ideas?
>>
>> Thanks,
>>
>> Dave
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
> For additional commands, e-mail: users-help@directory.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org
Re: [ApacheDS] Changing Admin Pwd w/Directory Studio
Posted by Stefan Seelmann <ma...@stefan-seelmann.de>.
Hi Dave,
On 4/6/21 7:24 PM, David Filip wrote:
> Yes, you are probably right ... after I use Extended Operations => Modify Password ..., which defines an encryption hash, I can then use the Password Editor.
>
> Which just goes to prove that someone like you with years of experience with ApacheDS, can make better guesses than someone like me, with maybe two hours of experience with the product ... ;-)
It still a bug, so please feel free to create a Jira:
https://issues.apache.org/jira/projects/DIRSERVER
> Just two more notes:
>
> Root vs. Non-Root under Linux
>
> I tried creating a non-root user -- given that the default ports in the configuration are > 1024, specifically 10389 and 10636 -- but even after changing (I think!) all of the file ownerships and permissions (this is on Linux), I ran into some odd problems with files seeming be created with root permissions, and being unaccessible under the non-root user.
>
> It is possible that something kicked-off or started while I was in the middle of making the ownership changes -- although I didn't think so -- but was wonder if running ApacheDS is fully "supported" running under a non-root user (e.g., Linux)? Or is running under root preferred? Or should it really not matter?
>
> Nonetheless, I changed back to root, mostly because I like using port 389 for LDAP, but might want to change back to non-root in the future, since running services as root is usually not a good idea.
Do you use the tar.gz or zip archive? That works, I just unzipped it (as
my normal user so all files are owned by me) and started it.
For the bin/deb/rpm packages installers I don't know.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org
Re: [ApacheDS] Changing Admin Pwd w/Directory Studio
Posted by David Filip <df...@colornet.com>.
Stefan,
Yes, you are probably right ... after I use Extended Operations => Modify Password ..., which defines an encryption hash, I can then use the Password Editor.
Which just goes to prove that someone like you with years of experience with ApacheDS, can make better guesses than someone like me, with maybe two hours of experience with the product ... ;-)
Just two more notes:
Root vs. Non-Root under Linux
I tried creating a non-root user -- given that the default ports in the configuration are > 1024, specifically 10389 and 10636 -- but even after changing (I think!) all of the file ownerships and permissions (this is on Linux), I ran into some odd problems with files seeming be created with root permissions, and being unaccessible under the non-root user.
It is possible that something kicked-off or started while I was in the middle of making the ownership changes -- although I didn't think so -- but was wonder if running ApacheDS is fully "supported" running under a non-root user (e.g., Linux)? Or is running under root preferred? Or should it really not matter?
Nonetheless, I changed back to root, mostly because I like using port 389 for LDAP, but might want to change back to non-root in the future, since running services as root is usually not a good idea.
Thanks,
Dave.
> On Apr 5, 2021, at 11:19 AM, Stefan Seelmann <ma...@stefan-seelmann.de> wrote:
>
> On 4/5/21 4:49 PM, David Filip wrote:
>> Also, when updating the documentation, Extended Operations => Password Modify does work successfully for uid=admin, ou=system
>>
>> And the Password Editor works correctly for other users in ou=system
>>
>> So it appears to be a problem unique to the admin user.
>
> More guessing from my side: it may have to do with the fact that the
> initial password (secret) is stored as plain text (Studio shows it as
> "Plain Text Password"). Once the password is changed and stored in its
> hashed form (there is a server-side interceptor that hashes the
> password) it's possible to change the password by editing the
> userPassword attribute.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
> For additional commands, e-mail: users-help@directory.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org
Re: [ApacheDS] Changing Admin Pwd w/Directory Studio
Posted by Stefan Seelmann <ma...@stefan-seelmann.de>.
On 4/5/21 4:49 PM, David Filip wrote:
> Also, when updating the documentation, Extended Operations => Password Modify does work successfully for uid=admin, ou=system
>
> And the Password Editor works correctly for other users in ou=system
>
> So it appears to be a problem unique to the admin user.
More guessing from my side: it may have to do with the fact that the
initial password (secret) is stored as plain text (Studio shows it as
"Plain Text Password"). Once the password is changed and stored in its
hashed form (there is a server-side interceptor that hashes the
password) it's possible to change the password by editing the
userPassword attribute.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org
Re: [ApacheDS] Changing Admin Pwd w/Directory Studio
Posted by David Filip <df...@colornet.com>.
Also, when updating the documentation, Extended Operations => Password Modify does work successfully for uid=admin, ou=system
And the Password Editor works correctly for other users in ou=system
So it appears to be a problem unique to the admin user.
> On Apr 5, 2021, at 10:17 AM, Stefan Seelmann <ma...@stefan-seelmann.de> wrote:
>
> This has to do with a recent change in Studio where we don't send a
> "replace" operation but a "delete+add" operation.
>
> However I don't understand why the server doesn't find the the existing
> userPassword attribute.
>
> I'd suggest to use the "Password Modify" extended operation instead of
> editing the userPassword directly [2]:
> * Right-click the entry in the LDAP browser view
> * Select "Extended Operations" -> "Password Modify"
>
> I'll update the documentation page.
>
> Kind Regards,
> Stefan
>
> [1] https://issues.apache.org/jira/browse/DIRSTUDIO-744
> [2]
> https://issues.apache.org/jira/browse/DIRSTUDIO-648?focusedCommentId=17070455&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17070455
>
>
>
> On 4/5/21 3:59 PM, David Filip wrote:
>> Just installed a fresh copy of ApacheDS on Linux (2.0.0.AM26), and a fresh copy of Directory Studio on Mac (2.0.0.v20210213-M16).
>>
>> Trying to follow Basic User Guide -- which appears to be slightly out-of-date based on the screen shots -- but I haven't been able to get past resetting the admin password from Directory Studio.
>>
>> When I try, I receive the following error if I provide any password/method other then seceret/plain for uid=admn, ou=system:
>>
>> org.apache.directory.studio.connection.core.io.StudioLdapException: [LDAP result code 16 - noSuchAttribute] NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
>> Message ID : 26
>> Modify Request
>> Object : 'uid=admin,ou=system'
>> Modifications :
>> Modification[0]
>> Operation : delete
>> Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
>> Modification[1]
>> Operation : add
>> Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
>> : ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
>> DESC 'RFC2256/2307: password of user'
>> EQUALITY octetStringMatch
>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>> USAGE userApplications )
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.toStudioLdapException(DirectoryApiConnectionWrapper.java:1356)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$4(DirectoryApiConnectionWrapper.java:1348)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:752)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1265)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkConnectionAndRunAndMonitor(DirectoryApiConnectionWrapper.java:1210)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.modifyEntry(DirectoryApiConnectionWrapper.java:764)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdifRecord(ImportLdifRunnable.java:503)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdif(ImportLdifRunnable.java:272)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.executeLdif(ExecuteLdifRunnable.java:157)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.run(ExecuteLdifRunnable.java:123)
>> at org.apache.directory.studio.ldapbrowser.core.jobs.UpdateEntryRunnable.run(UpdateEntryRunnable.java:59)
>> at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:129)
>> at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
>> Caused by: org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException: NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
>> Message ID : 26
>> Modify Request
>> Object : 'uid=admin,ou=system'
>> Modifications :
>> Modification[0]
>> Operation : delete
>> Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
>> Modification[1]
>> Operation : add
>> Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
>> : ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
>> DESC 'RFC2256/2307: password of user'
>> EQUALITY octetStringMatch
>> SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
>> USAGE userApplications )
>> at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2031)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkResponse(DirectoryApiConnectionWrapper.java:1343)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$12(DirectoryApiConnectionWrapper.java:1339)
>> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:748)
>> ... 10 more
>>
>>
>> Obviously, userPassword is an existing attribute, so I'm not sure why I'm receiving this error. Since this is a refresh install, I'm wondering if this is a known issue, or if there is anything obvious that I need to check?
>>
>> I get this same error either connecting to my Linux ActiveDS from Directory Studio running on my Mac, or starting and connecting to a local LDAP server on my Mac. My eventual goal is running the directory server on Linux, and using Directory Studio on my Mac, since my Linux server is headless. But again, even starting and connecting to a local ActiveDS on my Mac from Studio causes the same problem.
>>
>> I was able to create a new partition, so it appears that I have write access to the server, and I am able to authenticate using the default 'secret' password. I just can't change the password through Studio.
>>
>> Any ideas?
>>
>> Thanks,
>>
>> Dave
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
> For additional commands, e-mail: users-help@directory.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org
Re: [ApacheDS] Changing Admin Pwd w/Directory Studio
Posted by Stefan Seelmann <ma...@stefan-seelmann.de>.
This has to do with a recent change in Studio where we don't send a
"replace" operation but a "delete+add" operation.
However I don't understand why the server doesn't find the the existing
userPassword attribute.
I'd suggest to use the "Password Modify" extended operation instead of
editing the userPassword directly [2]:
* Right-click the entry in the LDAP browser view
* Select "Extended Operations" -> "Password Modify"
I'll update the documentation page.
Kind Regards,
Stefan
[1] https://issues.apache.org/jira/browse/DIRSTUDIO-744
[2]
https://issues.apache.org/jira/browse/DIRSTUDIO-648?focusedCommentId=17070455&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17070455
On 4/5/21 3:59 PM, David Filip wrote:
> Just installed a fresh copy of ApacheDS on Linux (2.0.0.AM26), and a fresh copy of Directory Studio on Mac (2.0.0.v20210213-M16).
>
> Trying to follow Basic User Guide -- which appears to be slightly out-of-date based on the screen shots -- but I haven't been able to get past resetting the admin password from Directory Studio.
>
> When I try, I receive the following error if I provide any password/method other then seceret/plain for uid=admn, ou=system:
>
> org.apache.directory.studio.connection.core.io.StudioLdapException: [LDAP result code 16 - noSuchAttribute] NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
> Message ID : 26
> Modify Request
> Object : 'uid=admin,ou=system'
> Modifications :
> Modification[0]
> Operation : delete
> Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
> Modification[1]
> Operation : add
> Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
> : ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
> DESC 'RFC2256/2307: password of user'
> EQUALITY octetStringMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
> USAGE userApplications )
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.toStudioLdapException(DirectoryApiConnectionWrapper.java:1356)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$4(DirectoryApiConnectionWrapper.java:1348)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:752)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1265)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkConnectionAndRunAndMonitor(DirectoryApiConnectionWrapper.java:1210)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.modifyEntry(DirectoryApiConnectionWrapper.java:764)
> at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdifRecord(ImportLdifRunnable.java:503)
> at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdif(ImportLdifRunnable.java:272)
> at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.executeLdif(ExecuteLdifRunnable.java:157)
> at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.run(ExecuteLdifRunnable.java:123)
> at org.apache.directory.studio.ldapbrowser.core.jobs.UpdateEntryRunnable.run(UpdateEntryRunnable.java:59)
> at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:129)
> at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)
> Caused by: org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException: NO_SUCH_ATTRIBUTE: failed for MessageType : MODIFY_REQUEST
> Message ID : 26
> Modify Request
> Object : 'uid=admin,ou=system'
> Modifications :
> Modification[0]
> Operation : delete
> Modification : userPassword: 0x73 0x65 0x63 0x72 0x65 0x74
> Modification[1]
> Operation : add
> Modification : userPassword: 0x62 0x72 0x61 0x7A 0x69 0x6C 0x38 0x35
> : ERR_56 Cannot remove an absent value from attribute : attributetype ( 2.5.4.35 NAME 'userPassword'
> DESC 'RFC2256/2307: password of user'
> EQUALITY octetStringMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
> USAGE userApplications )
> at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2031)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkResponse(DirectoryApiConnectionWrapper.java:1343)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$12(DirectoryApiConnectionWrapper.java:1339)
> at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:748)
> ... 10 more
>
>
> Obviously, userPassword is an existing attribute, so I'm not sure why I'm receiving this error. Since this is a refresh install, I'm wondering if this is a known issue, or if there is anything obvious that I need to check?
>
> I get this same error either connecting to my Linux ActiveDS from Directory Studio running on my Mac, or starting and connecting to a local LDAP server on my Mac. My eventual goal is running the directory server on Linux, and using Directory Studio on my Mac, since my Linux server is headless. But again, even starting and connecting to a local ActiveDS on my Mac from Studio causes the same problem.
>
> I was able to create a new partition, so it appears that I have write access to the server, and I am able to authenticate using the default 'secret' password. I just can't change the password through Studio.
>
> Any ideas?
>
> Thanks,
>
> Dave
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@directory.apache.org
For additional commands, e-mail: users-help@directory.apache.org