[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-software
Subject:    Re: ldappasswd not changing old userPassword entry
From:       "Kurt D. Zeilenga" <Kurt () OpenLDAP ! org>
Date:       2003-02-27 16:24:32
[Download RAW message or body]

At 07:28 AM 2/26/2003, Florian Stahl wrote:
>Hi all,
>
>ldappasswd -h hostname -x -v -D "cn=manager,dc=checkerei,dc=net" -W -S
>"cn=florian,ou=people,dc=checkerei,dc=net"
>
>works fine and I get a SSHA encrypted userPassword attribute for the above
>cn
>
>but when I try to change the old password to a new one with
>
>ldappasswd -h hostname -x -v -D "cn=manager,dc=checkerei,dc=net" -W -A -S
>"cn=florian,ou=people,dc=checkerei,dc=net"
>
>or
>
>ldappasswd -h hostname -x -v -D
>"cn=florian,ou=people,dc=checkerei,dc=net" -W -A -S
>"cn=florian,ou=people,dc=checkerei,dc=net"
>
>after entering the old passwd and new passwd twice plus the bind passwd for
>cn=manager
>I get an ignorant "DSA is unwilling to perform - use bind to verify old
>password"

It means "try again without providing the old password as part
of the password modify operation".  That is, don't specify
a -A (or -a) option.

(These options exist to interoperate with non-OpenLDAP servers
which demand the old password even though the user has already
provided it using the bind operation.)

>I am pretty new to OpenLDAP, so I might be doing complete bogus.
>
>any hints would be highly appreciated
>
>
>kind regardes
>
>florian
>(fstahl@xantury.com)

[prev in list] [next in list] [prev in thread] [next in thread]