You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by Dio Rodriguez <dr...@Initiatesystems.com> on 2009/02/13 21:36:52 UTC
LDAP-Browser: userPassword disappear bug or not?
Hello,
Working within the LDAP Browser
(http://directory.apache.org/studio/ldap-browser-plugin.html),
is it expected behavior that the userPassword attribute disappear from
the entry editor after
changing the currently logged in user's password?
This behavior would force the currently logged in user to
re-authenticate in order to change
his/her password again.
Similarly, if the currently logged in user has insufficient privileges
to change a different user's password,
the userPassword attribute for that other user also disappears
(effectively removing the capability)
Thanks,
Dio
Re: LDAP-Browser: userPassword disappear bug or not?
Posted by Emmanuel Lecharny <el...@apache.org>.
Dio Rodriguez wrote:
> Hello,
>
> Working within the LDAP Browser
> (http://directory.apache.org/studio/ldap-browser-plugin.html),
>
> is it expected behavior that the userPassword attribute disappear from
> the entry editor after
>
> changing the currently logged in user's password?
>
Yes. It's a protection against people looking over your shoulder.
> This behavior would force the currently logged in user to
> re-authenticate in order to change
>
> his/her password again.
>
Yes, this is intended.
>
>
> Similarly, if the currently logged in user has insufficient privileges
> to change a different user's password,
>
> the userPassword attribute for that other user also disappears
> (effectively removing the capability)
>
Not sure I understand what you mean here ... Can you give a more precise
scenario ?
Thanks !
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
Re: LDAP-Browser: userPassword disappear bug or not?
Posted by Stefan Seelmann <se...@apache.org>.
Hi Dio,
Dio Rodriguez wrote:
> Hello,
>
> Working within the LDAP Browser
> (http://directory.apache.org/studio/ldap-browser-plugin.html),
>
> is it expected behavior that the userPassword attribute disappear from
> the entry editor after
>
> changing the currently logged in user's password?
>
The userPassword attribute disappears because your LDAP server doesn't
return it. So what LDAP server are you using? Check if it is expected
behaviour of your LDAP server. Also its access control settings.
> This behavior would force the currently logged in user to
> re-authenticate in order to change
>
> his/her password again.
>
Makes sense.
>
>
> Similarly, if the currently logged in user has insufficient privileges
> to change a different user's password,
>
> the userPassword attribute for that other user also disappears
> (effectively removing the capability)
>
As before, it depends on your LDAP server and its access control.
Kind Regards,
Stefan
Re: LDAP-Browser: userPassword disappear bug or not?
Posted by Stefan Seelmann <se...@apache.org>.
Hi Dio,
Dio Rodriguez wrote:
> Hello,
>
> Working within the LDAP Browser
> (http://directory.apache.org/studio/ldap-browser-plugin.html),
>
> is it expected behavior that the userPassword attribute disappear from
> the entry editor after
>
> changing the currently logged in user's password?
>
The userPassword attribute disappears because your LDAP server doesn't
return it. So what LDAP server are you using? Check if it is expected
behaviour of your LDAP server. Also its access control settings.
> This behavior would force the currently logged in user to
> re-authenticate in order to change
>
> his/her password again.
>
Makes sense.
>
>
> Similarly, if the currently logged in user has insufficient privileges
> to change a different user's password,
>
> the userPassword attribute for that other user also disappears
> (effectively removing the capability)
>
As before, it depends on your LDAP server and its access control.
Kind Regards,
Stefan