You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Pierre-Arnaud Marcelot (JIRA)" <ji...@apache.org> on 2010/09/06 09:50:34 UTC

[jira] Issue Comment Edited: (DIRSERVER-1543) Password Policy forbid to import entries with a non clear text password

    [ https://issues.apache.org/jira/browse/DIRSERVER-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12906442#action_12906442 ] 

Pierre-Arnaud Marcelot edited comment on DIRSERVER-1543 at 9/6/10 3:48 AM:
---------------------------------------------------------------------------

Like Emmanuel, I think the default value for this property should be '0'.
It could be very misleading for a user to have LDIF imports failing because of this at the first run of Apache DS.
At least, it was for both of us when we put the finger on it...

Is the default value still '2' ?

      was (Author: pamarcelot):
    Like Emmanuel, I think the default value for this property should be '0'.
It could be very misleading for a user to have LDIF imports failing because of this at the first run of Apache DS.
At least, it was for both of us when we put the finger on it...
  
> Password Policy forbid to import entries with a non clear text password
> -----------------------------------------------------------------------
>
>                 Key: DIRSERVER-1543
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1543
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-RC1
>            Reporter: Emmanuel Lecharny
>            Assignee: Kiran Ayyagari
>            Priority: Critical
>             Fix For: 2.0.0-RC1
>
>
> If we try to import a LDIF file containing entries with an encrypted password, we get a failure :
> #!RESULT ERROR
> #!CONNECTION ldap://iktek:10389
> #!DATE 2010-08-19T16:33:01.575
> #!ERROR [LDAP: error code 19 - CONSTRAINT_VIOLATION: failed for     Add Request : Entry     dn[n]: uid=elecharny,ou=People,dc=iktek,dc=com     objectClass: organizationalPerson     objectClass: person     objectClass: inetOrgPerson     objectClass: top     uid: elecharny     mail: elecharny@apache.org     sn: Lecharny     userPassword: '0x7B 0x53 0x53 0x48 0x41 0x7D 0x72 0x32 0x56 0x4C 0x75 0x55 0x52 0x6C 0x75 0x46 ...'     cn: Emmanuel Lecharny     givenName: Emmanuel    : cannot verify the quality of the non-cleartext passwords]
> dn: uid=elcharny,ou=People,dc=iktek,dc=com
> changetype: add
> objectClass: organizationalPerson
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: top
> mail: elecharny@apache.org
> givenName: Emmanuel
> uid: seelmann
> userPassword: {SSHA}wnfS3DVTFB/FVbBwC47WfQNn29WN/.....
> sn: Lecharny
> cn: Emmanuel lecharny
> Seems like we should disable the password policy when it's not plain text...

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.