You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Martin Schuster (JIRA)" <ji...@apache.org> on 2008/03/05 14:47:40 UTC
[jira] Created: (DIRSERVER-1143) ldappasswd fails to bind
ldappasswd fails to bind
------------------------
Key: DIRSERVER-1143
URL: https://issues.apache.org/jira/browse/DIRSERVER-1143
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 1.5.1
Environment: apacheds-server-1.5.1-x86_64.rpm on RHEL5
Reporter: Martin Schuster
# ldappasswd -a foobar -x -D 'uid=admin,ou=system'
ldap_bind: Invalid credentials (49)
additional info: Bind failed: null
and the logfile says:
INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.SimpleAuthenticator] - Password not correct for user 'uid=admin,ou=system'
INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Authenticator class org.apache.directory.server.core.authn.SimpleAuthenticator failed to authenticate uid=admin,ou=system
INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Cannot bind to the server
but the password is correct, using it with e.g. ldapsearch or ApacheDirectoryStudio works.
The same problem occurs with a test-user, it's not specific to uid=admin
Emmanuel Lécharny said in a mail to users@directory.apache.org:
> The ldappasswd is using an extended request, described by RFC 3062.
> I _think_ we support this RFC, but it may be buggy
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1143) ldappasswd fails to bind
Posted by "Kiran Ayyagari (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kiran Ayyagari updated DIRSERVER-1143:
--------------------------------------
Fix Version/s: 2.0.0-RC2
(was: 2.0.0-RC1)
Moving to 2.0,0-RC2
> ldappasswd fails to bind
> ------------------------
>
> Key: DIRSERVER-1143
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1143
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: apacheds-server-1.5.1-x86_64.rpm on RHEL5
> Reporter: Martin Schuster
> Fix For: 2.0.0-RC2
>
>
> # ldappasswd -a foobar -x -D 'uid=admin,ou=system'
> ldap_bind: Invalid credentials (49)
> additional info: Bind failed: null
> and the logfile says:
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.SimpleAuthenticator] - Password not correct for user 'uid=admin,ou=system'
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Authenticator class org.apache.directory.server.core.authn.SimpleAuthenticator failed to authenticate uid=admin,ou=system
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Cannot bind to the server
> but the password is correct, using it with e.g. ldapsearch or ApacheDirectoryStudio works.
> The same problem occurs with a test-user, it's not specific to uid=admin
> Emmanuel Lécharny said in a mail to users@directory.apache.org:
> > The ldappasswd is using an extended request, described by RFC 3062.
> > I _think_ we support this RFC, but it may be buggy
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1143) ldappasswd fails to bind
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1143:
-----------------------------------------
Fix Version/s: 2.0.0
RFC 3062 will be implemented in 2.0. No time to include it in 1.5.2.
> ldappasswd fails to bind
> ------------------------
>
> Key: DIRSERVER-1143
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1143
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: apacheds-server-1.5.1-x86_64.rpm on RHEL5
> Reporter: Martin Schuster
> Fix For: 2.0.0
>
>
> # ldappasswd -a foobar -x -D 'uid=admin,ou=system'
> ldap_bind: Invalid credentials (49)
> additional info: Bind failed: null
> and the logfile says:
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.SimpleAuthenticator] - Password not correct for user 'uid=admin,ou=system'
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Authenticator class org.apache.directory.server.core.authn.SimpleAuthenticator failed to authenticate uid=admin,ou=system
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Cannot bind to the server
> but the password is correct, using it with e.g. ldapsearch or ApacheDirectoryStudio works.
> The same problem occurs with a test-user, it's not specific to uid=admin
> Emmanuel Lécharny said in a mail to users@directory.apache.org:
> > The ldappasswd is using an extended request, described by RFC 3062.
> > I _think_ we support this RFC, but it may be buggy
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1143) ldappasswd fails to bind
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1143:
-----------------------------------------
Fix Version/s: 2.0.0-RC1
(was: 2.0.0)
Moved back to 2.0.0-RC1
> ldappasswd fails to bind
> ------------------------
>
> Key: DIRSERVER-1143
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1143
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: apacheds-server-1.5.1-x86_64.rpm on RHEL5
> Reporter: Martin Schuster
> Fix For: 2.0.0-RC1
>
>
> # ldappasswd -a foobar -x -D 'uid=admin,ou=system'
> ldap_bind: Invalid credentials (49)
> additional info: Bind failed: null
> and the logfile says:
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.SimpleAuthenticator] - Password not correct for user 'uid=admin,ou=system'
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Authenticator class org.apache.directory.server.core.authn.SimpleAuthenticator failed to authenticate uid=admin,ou=system
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Cannot bind to the server
> but the password is correct, using it with e.g. ldapsearch or ApacheDirectoryStudio works.
> The same problem occurs with a test-user, it's not specific to uid=admin
> Emmanuel Lécharny said in a mail to users@directory.apache.org:
> > The ldappasswd is using an extended request, described by RFC 3062.
> > I _think_ we support this RFC, but it may be buggy
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1143) ldappasswd fails to bind
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12575354#action_12575354 ]
Emmanuel Lecharny commented on DIRSERVER-1143:
----------------------------------------------
Testing the default server (default configuration), and trying to change the password using ldappasswd, here is what I get :
$ ldappasswd -x -D 'uid=admin,ou=system' -h localhost -p 10389 -s test -w secret
Result: Protocol error (2)
Additional info: Unrecognized extended operation EXTENSION_OID: 1.3.6.1.4.1.4203.1.11.1
This is pretty clear we don't support this extended request.
We do have some changepw layer, directly connected to the kerberos stack, but it's a different beast.
We have to dig this issue, I think this is on our roadmap, or if it's not, it might be added.
This is described in RFC 3062.
> ldappasswd fails to bind
> ------------------------
>
> Key: DIRSERVER-1143
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1143
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: apacheds-server-1.5.1-x86_64.rpm on RHEL5
> Reporter: Martin Schuster
>
> # ldappasswd -a foobar -x -D 'uid=admin,ou=system'
> ldap_bind: Invalid credentials (49)
> additional info: Bind failed: null
> and the logfile says:
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.SimpleAuthenticator] - Password not correct for user 'uid=admin,ou=system'
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Authenticator class org.apache.directory.server.core.authn.SimpleAuthenticator failed to authenticate uid=admin,ou=system
> INFO | jvm 1 | 2008/03/05 14:44:43 | [14:44:43] INFO [org.apache.directory.server.core.authn.AuthenticationService] - Cannot bind to the server
> but the password is correct, using it with e.g. ldapsearch or ApacheDirectoryStudio works.
> The same problem occurs with a test-user, it's not specific to uid=admin
> Emmanuel Lécharny said in a mail to users@directory.apache.org:
> > The ldappasswd is using an extended request, described by RFC 3062.
> > I _think_ we support this RFC, but it may be buggy
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.