[horde] Regarding LDAP password change trouble.

Jan Schneider jan at horde.org
Mon Jun 15 19:42:39 UTC 2015 

Zitat von Pro Green European <pro_green_european at yahoo.com>:

> Hi.
>
> I've recently switched over authentication from standard  
> passwd/shadow to LDAP (Directory Server 389).
>
> When I try changing the password as an authenticated user trough the  
> horde/passwd module, the following information is written in the  
> error log:
>
> [15/Jun/2015:11:09:51 +0300] conn=2261 fd=71 slot=71 connection from  
> ::1 to ::1
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=0 BIND dn="cn=directory  
> manager" method=128 version=3
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=0 RESULT err=0 tag=97  
> nentries=0 etime=0 dn="cn=directory manager"
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=1 SRCH base="" scope=0  
> filter="(objectClass=*)" attrs="vendorName vendorVersion  
> namingContexts altServer supportedExtension supportedControl  
> supportedSASLMechanisms supportedLDAPVersion subschemaSubentry"
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=1 RESULT err=0 tag=101  
> nentries=1 etime=0
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=2 BIND dn="cn=directory  
> manager" method=128 version=3
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=2 RESULT err=0 tag=97  
> nentries=0 etime=0 dn="cn=directory manager"
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=3 SRCH  
> base="ou=People,dc=local,dc=tld" scope=1  
> filter="(&(objectClass=posixAccount)(uid=user001))" attrs="uid"
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=3 RESULT err=0 tag=101  
> nentries=1 etime=0
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=4 BIND  
> dn="uid=user001,ou=People,dc=local,dc=tld" method=128 version=3
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=4 RESULT err=0 tag=97  
> nentries=0 etime=0 dn="uid=user001,ou=people,dc=local,dc=tld"
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=5 SRCH  
> base="ou=People,dc=local,dc=tld" scope=1  
> filter="(&(objectClass=posixAccount)(uid=user001))" attrs="uid"
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=5 RESULT err=0 tag=101  
> nentries=1 etime=0
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=6 SRCH  
> base="ou=People,dc=local,dc=tld" scope=0 filter="(objectClass=*)"  
> attrs="pwdlastset shadowMax shadowMin shadowLastChange shadowWarning  
> passwordExpirationTime"
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=6 RESULT err=0 tag=101  
> nentries=1 etime=0
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=7 SRCH  
> base="uid=user001,ou=People,dc=local,dc=tld" scope=0  
> filter="(objectClass=*)" attrs=ALL
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=7 RESULT err=0 tag=101  
> nentries=1 etime=0
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=8 RESULT err=19 tag=103  
> nentries=0 etime=0
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=8 MOD  
> dn="uid=user001,ou=People,dc=local,dc=tld", invalid password syntax

                                               ^^^^^^^^^^^^^^^^^^^^^^^
That error message is pretty clear. You configured an incorrect  
password format in backends.local.php.

> [15/Jun/2015:11:09:51 +0300] conn=2261 op=9 UNBIND
> [15/Jun/2015:11:09:51 +0300] conn=2261 op=9 fd=71 closed - U1
>
> Changing the password with the administrative account, then the  
> password is updated without any problems.
>
> Password encryptions scheme is:
>
> $conf['auth']['params']['encryption'] = 'crypt';
>
>
> What could cause an issue like this?
>
> All pear modules are latest. System is Centos7, Apache 2.4 & PHP is  
> 5.4.16-23. Selinux is in enforcing mode (no errors).
>
>
>
> BR,
> /PGE
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org



-- 
Jan Schneider
The Horde Project
http://www.horde.org/
https://www.facebook.com/hordeproject

More information about the horde mailing list