You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Set local password policy entry:
dn: cn="cn=nsPwPolicyEntry,ou=People,dc=example,dc=com",
cn=nsPwPolicyContainer,ou=People,dc=example,dc=com
...
passwordStorageScheme: CLEAR
passwordChange: on
...
Deleting password with password supplied for user uid=test_user0,ou=People,dc=example,dc=com
ldap_modify: Insufficient access
ldap_modify: additional info: Insufficient 'write' privilege to the 'unhashed#user#password' attribute of entry 'uid=test_user0,ou=People,dc=example,dc=com'.
DS version: 389-ds-base-1.2.11.13-1.el6.x86_64
This is already covered by pwdmodify/pwdmodify-qa.sh bug834047_1
The text was updated successfully, but these errors were encountered:
Bug Description: Setting CLEAR to the passwordStrageScheme, then
deleting a userpassword with the value fails due to the lack of
right to delete the corresponding pseudo attribute.
Fix Description: Skip evaluating the aci of the pseudo attribute
in the deletion as being done in the replacement.
Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/455
See also related https://fedorahosted.org/389/ticket/45.
Steps to reproduce:
Set local password policy entry:
dn: cn="cn=nsPwPolicyEntry,ou=People,dc=example,dc=com",
cn=nsPwPolicyContainer,ou=People,dc=example,dc=com
...
passwordStorageScheme: CLEAR
passwordChange: on
...
Add new user to ou=People,dc=example,dc=com
ldapmodify -h localhost -p 389 -D "cn=directory manager" -w dirmanager -a <<EOF
dn: uid=test_user1,ou=People,dc=example,dc=com
objectClass: top
objectClass: person
objectClass: inetorgperson
objectClass: organizationalPerson
uid: test_user1
cn: test1
sn: user1
userPassword: testpassword
EOF
ldapmodify -h localhost -p 389 -D "uid=test_user1,ou=People,dc=example,dc=com" -w testpassword <<EOF
dn: uid=test_user0,ou=People,dc=example,dc=com
changetype: modify
delete: userPassword
userPassword: testpassword
Deleting password with password supplied for user uid=test_user0,ou=People,dc=example,dc=com
ldap_modify: Insufficient access
ldap_modify: additional info: Insufficient 'write' privilege to the 'unhashed#user#password' attribute of entry 'uid=test_user0,ou=People,dc=example,dc=com'.
DS version: 389-ds-base-1.2.11.13-1.el6.x86_64
This is already covered by pwdmodify/pwdmodify-qa.sh bug834047_1
The text was updated successfully, but these errors were encountered: