You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "David Coutadeur (Jira)" <ji...@apache.org> on 2022/03/17 15:56:00 UTC

[jira] [Commented] (DIRSTUDIO-1284) Error while executing LDIF - [LDAP result code 53 - unwillingToPerform] - Must supply correct old password to change to new one

    [ https://issues.apache.org/jira/browse/DIRSTUDIO-1284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17508267#comment-17508267 ] 

David Coutadeur commented on DIRSTUDIO-1284:
--------------------------------------------

I have also reproduced the same error.

In accordance with the password policy draft ([https://datatracker.ietf.org/doc/html/draft-behera-ldap-password-policy-10),] it is possible to change the password by a simple "LDAP modify" operation, but in this context, if you do a delete + add, it means that you are providing the previous password in the delete operation.

And when you provide the previous password, it is going to be verified by the password policy.

Thus, as Apache Directory Studio provides the previous password as a hash, the password policy can't verify it, which results in the given error:

{color:#000000}53: Must supply correct old password to change to new one{color}


 

Apache Directory Studio should modify this behaviour and send the password modification as a unique "replace" operation

> Error while executing LDIF - [LDAP result code 53 - unwillingToPerform] - Must supply correct old password to change to new one
> -------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DIRSTUDIO-1284
>                 URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1284
>             Project: Directory Studio
>          Issue Type: Bug
>          Components: studio-ldifeditor
>    Affects Versions: 2.0.0-M17
>         Environment: Mac OS 11.4, running on a MacBook Pro (16-inch, 2019)
>            Reporter: Katie Golan
>            Priority: Major
>             Fix For: 2.0.0-M15
>
>         Attachments: Screen Shot 2021-07-06 at 9.22.13 AM.jpg, Screen Shot 2021-07-28 at 3.36.39 PM.png, screenshot-1.png
>
>
> The current version of Apache Directory Studio (2.0.0.v20210717-M17) seems to have a bug with password resets. I’ve confirmed that version {{2.0.0.v20200411-M15}} does not have this bug.
>  # In Password Editor, the same password is entered for "Enter New Password" and "Confirm New Password"
>  # When you click "OK", the following error results:
> "Error while executing LDIF
>  - [LDAP result code 53 - unwillingToPerform] Must supply correct old password to change to new one"
>  
>  * I successfully reset the password for User A on version M15.
>  * After upgrading to version M17, I got the above error when attempting a password reset for User A.
>  * I then uninstalled Apache, rebooted, and reinstalled version M15.
>  * After M15 reinstall, I was able to successfully reset User A's password again.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org