[389-users] pwadmin not working

[Alberto Viana]

Hi Guys,
389 1.4.2.8

pwadmin is not working as expected:

dsconf RNP pwpolicy set --pwdadmin
cn=GRP_SRV_PREHASHED_PASSWORD,dc=my,dc=domain

In an specific OU, this user has the following permissions:
dn: OU=POP-PA,dc=my,dc=domain
aci: (targetattr="brPersonCPF || schacDateOfBirth || ntUserCreateNewAccount
||
  ntUserDeleteAccount || mail || objectClass || ntUserDomainId || cn ||
 given
 Name || sn || uid ||  ntUserDeleteAccount") (version 3.0;acl "All
attributes
 pop-pa Permissions";allow (add,write,read,search,compare,delete)
userdn="ldap
 :///uid=app.pop-pa.w,dc=my,dc=domain";)
aci: (targetattr="userPassword") (version 3.0;acl "userPassword attributes
pop
 -pa Permissions";allow (add,read,compare)
userdn="ldap:///uid=app.pop-pa.w,dc=my,dc=domain";;)

But I'm still getting the error:
ldapmodify -a -c -h localhost -D "uid=app.pop-pa.w,dc=my,dc=domain" -W -f
anderson.ldif

adding new entry "uid=anderson.souza,dc=my,dc=domain"
ldap_add: Constraint violation (19)
additional info: invalid password syntax - passwords with storage scheme
are not allowed

The user app.pop-pa.w is in GRP_SRV_PREHASHED_PASSWORD group.

Everything was working fine in my previous version of 389 with same config
(1.3.7.4)

Thanks

_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org