[prev in list] [next in list] [prev in thread] [next in thread] 

List:       forgerock-opendj
Subject:    Re: [Opendj] OpenDJ26 - userPassword value changing
From:       Zico <mailzico () gmail ! com>
Date:       2015-10-16 16:19:37
Message-ID: CA+1bt6Qxip42=bRBBKxJSOt6+BaKSZnda3XyucdHH_=0JVQzOg () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


On Thu, Sep 24, 2015 at 5:24 AM, Chris Ridd <chris.ridd@forgerock.com>
wrote:

>
> > On 23 Sep 2015, at 17:04, Zico <mailzico@gmail.com> wrote:
> >
> > Hi,
> >
> > I am trying to import few users from one server to another. The new
> server is OpenDJ 2.6.0. Most of the import went well but 'userPassword'
> SSHA value is changing for every entry.
> >
> > My 'allow-pre-encoded-passwords' is 'True'.
> >
> > Anyone can suggest anything on how I can keep the encrypted SSHA value
> same for this attribute through ldif import?
>
> The import-ldif command should preserve any passwords that are already
> encoded with a compatible scheme in the input LDIF.
>
> If the input LDIF has plaintext passwords, you need to configure the
> "Password Policy Import" plugin as this controls how the import-ldif
> command hashes plaintext passwords.
>

Thanks Chris. Sorry for late response...

Yes, my old server has 'userPassword: {SSHA}mVKLF......'

and even after importing I am getting exactly same 'userPassword:
{SSHA}mVKLF....' now.

But still whenever I am trying to login with this user I am getting...
"[16/Oct/2015:16:16:42 +0000] BIND RES conn=6 op=4 msgID=5 result=49
authFailureID=196887 authFailureReason="The password provided by the user
did not match any password(s) stored in the user's entry"



> Chris
> _______________________________________________
> OpenDJ mailing list
> OpenDJ@forgerock.org
> https://lists.forgerock.org/mailman/listinfo/opendj
>



-- 
Best,
Zico

[Attachment #5 (text/html)]

<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Sep \
24, 2015 at 5:24 AM, Chris Ridd <span dir="ltr">&lt;<a \
href="mailto:chris.ridd@forgerock.com" \
target="_blank">chris.ridd@forgerock.com</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span \
class=""><br> &gt; On 23 Sep 2015, at 17:04, Zico &lt;<a \
href="mailto:mailzico@gmail.com">mailzico@gmail.com</a>&gt; wrote:<br> &gt;<br>
&gt; Hi,<br>
&gt;<br>
&gt; I am trying to import few users from one server to another. The new server is \
OpenDJ 2.6.0. Most of the import went well but &#39;userPassword&#39; SSHA value is \
changing for every entry.<br> &gt;<br>
&gt; My &#39;allow-pre-encoded-passwords&#39; is &#39;True&#39;.<br>
&gt;<br>
&gt; Anyone can suggest anything on how I can keep the encrypted SSHA value same for \
this attribute through ldif import?<br> <br>
</span>The import-ldif command should preserve any passwords that are already encoded \
with a compatible scheme in the input LDIF.<br> <br>
If the input LDIF has plaintext passwords, you need to configure the &quot;Password \
Policy Import" plugin as this controls how the import-ldif command hashes plaintext \
passwords.<br></blockquote><div><br></div><div>Thanks Chris. Sorry for late \
response... <br><br>Yes, my old server has &#39;userPassword: {SSHA}mVKLF......&#39;  \
<br><br></div><div>and even after importing I am getting exactly same \
&#39;userPassword: {SSHA}mVKLF....&#39; now.  </div><div><br></div><div>But still \
whenever I am trying to login with this user I am getting... \
&quot;[16/Oct/2015:16:16:42 +0000] BIND RES conn=6 op=4 msgID=5 result=49 \
authFailureID=196887 authFailureReason=&quot;The password provided by the user did \
not match any password(s) stored in the user&#39;s entry&quot;  \
</div><div><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px \
0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
 <br>
Chris<br>
_______________________________________________<br>
OpenDJ mailing list<br>
<a href="mailto:OpenDJ@forgerock.org">OpenDJ@forgerock.org</a><br>
<a href="https://lists.forgerock.org/mailman/listinfo/opendj" rel="noreferrer" \
target="_blank">https://lists.forgerock.org/mailman/listinfo/opendj</a><br> \
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="gmail_signature">Best,<br>Zico</div> </div></div>



_______________________________________________
OpenDJ mailing list
OpenDJ@forgerock.org
https://lists.forgerock.org/mailman/listinfo/opendj


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic