Re: [Cpu-users] Error when trying to add a user password interactively
From: Terrence M. <tm...@ph...> - 2003-09-25 18:59:05
Well, if I am putting in the wrong password, I am doing it consistently with
one way of setting the user password and not the other.
root@llama /usr/local/src# cpu -w useradd -p test
Please enter the LDAP bind password:
Please enter desired user password:
ldap: ldapOperation: ldap_bind_s: Invalid credentials (49)
ldap: CPU_init: Error in ldapOperation.
Something went wrong. Exiting.
You have new mail in /var/spool/mail/root
root@llama /usr/local/src# cpu -w useradd -p test
Please enter the LDAP bind password:
Please enter desired user password:
ldap: ldapOperation: ldap_bind_s: Invalid credentials (49)
ldap: CPU_init: Error in ldapOperation.
Something went wrong. Exiting.
root@llama /usr/local/src# cpu -w useradd -p test
Please enter the LDAP bind password:
Please enter desired user password:
ldap: ldapOperation: ldap_bind_s: Invalid credentials (49)
ldap: CPU_init: Error in ldapOperation.
Something went wrong. Exiting.
root@llama /usr/local/src# cpu -w useradd -ptest test
Please enter the LDAP bind password:
User test successfully added!
So the question is, could this have to do with ACLs in my LDAP directory
and how I set pw?
Failed Log
Sep 25 11:54:26 llama slapd[2213]: conn=2432 fd=21 ACCEPT from
IP=127.0.0.1:32860 (IP=0.0.0.0:389)
Sep 25 11:54:26 llama slapd[2443]: conn=2432 op=0 BIND
dn="cn=Admin,dc=physics,dc=ucsd,dc=edu" method=128
Sep 25 11:54:26 llama slapd[2443]: conn=2432 op=0 RESULT tag=97 err=49 text=
Sep 25 11:54:26 llama slapd[2213]: conn=2432 fd=21 closed
Sep 25 11:54:46 llama slapd[2213]: conn=2433 fd=21 ACCEPT from
IP=127.0.0.1:32861 (IP=0.0.0.0:389)
Sep 25 11:54:46 llama slapd[4908]: conn=2433 op=0 BIND
dn="cn=Admin,dc=physics,dc=ucsd,dc=edu" method=128
Sep 25 11:54:46 llama slapd[4908]: conn=2433 op=0 RESULT tag=97 err=49 text=
Sep 25 11:54:46 llama slapd[2213]: conn=2433 fd=21 closed
Sep 25 11:55:24 llama slapd[2434]: conn=2434 op=3 SRCH attr=cn
userPassword memberUid uniqueMember gidNumber
Sep 25 11:55:24 llama slapd[2434]: conn=2434 op=3 SEARCH RESULT tag=101
err=0 nentries=0 text=
Sep 25 11:55:24 llama slapd[2213]: conn=2434 fd=21 closed
Success Log
Sep 25 11:56:31 llama slapd[2213]: conn=2435 fd=21 ACCEPT from
IP=127.0.0.1:32862 (IP=0.0.0.0:389)
Sep 25 11:56:31 llama slapd[2443]: conn=2435 op=0 BIND
dn="cn=Admin,dc=physics,dc=ucsd,dc=edu" method=128
Sep 25 11:56:31 llama slapd[2443]: conn=2435 op=0 BIND
dn="cn=Admin,dc=physics,dc=ucsd,dc=edu" mech=simple ssf=0
Sep 25 11:56:31 llama slapd[2443]: conn=2435 op=0 RESULT tag=97 err=0 text=
Sep 25 11:56:31 llama slapd[4908]: conn=2435 op=1 SRCH
base="ou=People,dc=physics,dc=ucsd,dc=edu" scope=2 filter="(uidNumber=5010)"
... lots of uid searching ensues....
Sep 25 11:57:34 llama slapd[4355]: conn=2435 op=1071 SRCH attr=gidNumber
Sep 25 11:57:34 llama slapd[4355]: conn=2435 op=1071 SEARCH RESULT
tag=101 err=0 nentries=1 text=
Sep 25 11:57:34 llama slapd[4906]: conn=2435 op=1072 SRCH
base="ou=Group,dc=physics,dc=ucsd,dc=edu" scope=2 filter="(gidNumber=5545)"
Sep 25 11:57:34 llama slapd[4906]: conn=2435 op=1072 SRCH attr=gidNumber
Sep 25 11:57:34 llama slapd[4906]: conn=2435 op=1072 SEARCH RESULT
tag=101 err=0 nentries=0 text=
Sep 25 11:57:34 llama slapd[2434]: conn=2435 op=1073 ADD
dn="cn=test2,ou=Group,dc=physics,dc=ucsd,dc=edu"
Sep 25 11:57:34 llama slapd[2434]: conn=2435 op=1073 RESULT tag=105
err=0 text=
Sep 25 11:57:34 llama slapd[2443]: conn=2435 op=1074 ADD
dn="uid=test2,ou=People,dc=physics,dc=ucsd,dc=edu"
Sep 25 11:57:34 llama slapd[2443]: conn=2435 op=1074 RESULT tag=105
err=0 text=
Sep 25 11:57:34 llama slapd[2213]: conn=2435 fd=21 closed
Sep 25 11:57:37 llama slapd[4908]: conn=828 op=291 SRCH
base="dc=physics,dc=ucsd,dc=edu" scope=2
filter="(&(objectClass=posixAccount)(uidNumber=5004))"
Sep 25 11:57:37 llama slapd[4908]: conn=828 op=291 SRCH attr=uid
userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
description objectClass
Sep 25 11:57:37 llama slapd[4908]: conn=828 op=291 SEARCH RESULT tag=101
err=0 nentries=1 text=
Here are my ACLs. I explicitly restrict access to the userPassword
field for security reasons, i.e. if you are not said user you cannot see
the hash. However, why one method works and the other does not is odd.
# Restrict userPassword to be used for auth only, but allow users to
# modify their passwords
access to attrs=userPassword
        by self write
        by * auth
# Default simple acl
access to *
        by * read
Terrence
Blake Matheny wrote:
>[duke 8] bmatheny > cpu -w useradd -p test
>Please enter the LDAP bind password:
>Please enter desired user password:
>
>User test successfully added!
>
>[duke 9] bmatheny > cpu -w cat
>Please enter the LDAP bind password:
>User Accounts
>blake:x:100:100::/home/blake:/bin/bash
>blah:x:4506:5511::/home/blah:/bin/bash
>test:x:6099:5947::/home/test:/bin/bash
>
>Group Entries
>blake:x:100:
>blah:x:5511:
>test:x:8114:
>
>[duke 10] bmatheny > cpu --version
>CPU 1.4.1
>Written by Blake Matheny
>Copyright 2001, 2002, 2003
>
>
>Is it possible you entered the wrong password for the first one there? It
>works for me, is anyone else having this problem? What version are you using?
>
>-Blake
>
>Whatchu talkin' 'bout, Willis?
>
>
>>I am having problems when trying to set a user accounts password
>>interactively.
>>
>>root@llama /usr/local/src# cpu -w useradd -p test
>>Please enter the LDAP bind password:
>>Please enter desired user password:
>>
>>ldap: ldapOperation: ldap_bind_s: Invalid credentials (49)
>>ldap: CPU_init: Error in ldapOperation.
>>Something went wrong. Exiting.
>>root@llama /usr/local/src# gq &
>>[4] 11748
>>root@llama /usr/local/src# cpu -w useradd -ptest test
>>Please enter the LDAP bind password:
>>User test successfully added!
>>root@llama /usr/local/src#
>>
>>Any ideas?
>>
>>Terrence
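A log check for the failure pattern in this message, added here as an example and not part of the original post or of CPU: it pairs each slapd BIND line with its RESULT by conn/op and reports binds rejected with err=49, grouped by DN and peer address. The sample lines are constructed in the format quoted above with wrapped lines rejoined; the DNs under dc=example,dc=org and the 192.0.2.7 peer are made up.

```python
import re
from collections import Counter

# Constructed sample in the slapd format quoted above (wrapped lines rejoined).
SAMPLE = '''\
Sep 25 11:54:26 llama slapd[2213]: conn=2432 fd=21 ACCEPT from IP=127.0.0.1:32860 (IP=0.0.0.0:389)
Sep 25 11:54:26 llama slapd[2443]: conn=2432 op=0 BIND dn="cn=Admin,dc=example,dc=org" method=128
Sep 25 11:54:26 llama slapd[2443]: conn=2432 op=0 RESULT tag=97 err=49 text=
Sep 25 11:54:46 llama slapd[2213]: conn=2433 fd=21 ACCEPT from IP=127.0.0.1:32861 (IP=0.0.0.0:389)
Sep 25 11:54:46 llama slapd[4908]: conn=2433 op=0 BIND dn="cn=Admin,dc=example,dc=org" method=128
Sep 25 11:54:46 llama slapd[4908]: conn=2433 op=0 RESULT tag=97 err=49 text=
Sep 25 11:55:02 llama slapd[2213]: conn=2434 fd=22 ACCEPT from IP=192.0.2.7:40112 (IP=0.0.0.0:389)
Sep 25 11:55:02 llama slapd[2434]: conn=2434 op=0 BIND dn="uid=test,ou=People,dc=example,dc=org" method=128
Sep 25 11:55:02 llama slapd[2434]: conn=2434 op=0 RESULT tag=97 err=49 text=
Sep 25 11:56:31 llama slapd[2213]: conn=2435 fd=21 ACCEPT from IP=127.0.0.1:32862 (IP=0.0.0.0:389)
Sep 25 11:56:31 llama slapd[2443]: conn=2435 op=0 BIND dn="cn=Admin,dc=example,dc=org" method=128
Sep 25 11:56:31 llama slapd[2443]: conn=2435 op=0 RESULT tag=97 err=0 text=
'''

LINE = re.compile(r'^(\w{3}\s+\d+ [\d:]{8}) \S+ slapd\[\d+\]: conn=(\d+) (.*)$')
ACCEPT = re.compile(r'ACCEPT from IP=(\S+):\d+\s')
BIND = re.compile(r'op=(\d+) BIND dn="([^"]*)"')
RESULT = re.compile(r'op=(\d+) RESULT tag=97 err=(\d+)')  # tag=97: bind response

def failed_binds(log_text):
    """Return (timestamp, dn, peer_ip) for every bind answered with err=49."""
    peers, binds, failures = {}, {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, conn, rest = m.groups()
        if a := ACCEPT.search(rest):
            peers[conn] = a.group(1)           # remember who opened this conn
        elif b := BIND.search(rest):
            binds[conn, b.group(1)] = b.group(2)  # DN is only on the BIND line
        elif r := RESULT.search(rest):
            dn = binds.pop((conn, r.group(1)), "<unknown>")
            if r.group(2) == "49":             # 49 = invalid credentials
                failures.append((ts, dn, peers.get(conn, "<unknown>")))
    return failures

def repeated_failures(failures, threshold=2):
    """Count err=49 binds per (dn, peer) and keep pairs at or above threshold."""
    counts = Counter((dn, ip) for _, dn, ip in failures)
    return {key: n for key, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    print(repeated_failures(failed_binds(SAMPLE)))
```

Log lines that syslog or a mail client has wrapped need to be rejoined before parsing, since the DN and the result code are matched per line.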