Simon Matthews via FreeIPA-users wrote: > I think that something else must be going on. I did a test where I added the > clear-text password: > [root@ipa1 ~]# ipa user-del simon > -------------------- > Deleted user "simon" > -------------------- > [root@ipa1 ~]# ipa user-add simon --first=NIS --last=USER --uid=1010 > --gid=441 --gecos='Simon Matthews' --homedir=/home/simon --shell=/bin/bash > --password > Password: > Enter Password again to verify: > ------------------ > Added user "simon" > ------------------ > User login: simon > First name: NIS > Last name: USER > Full name: NIS USER > Display name: NIS USER > Initials: NU > Home directory: /home/simon > GECOS: Simon Matthews > Login shell: /bin/bash > Principal name: [email protected] > Principal alias: [email protected] > User password expiration: 20211221005503Z > Email address: [email protected] > UID: 1010 > GID: 441 > Password: True > Member of groups: ipausers > Kerberos keys available: True > > Now to test that password: > [root@ipa1 ~]# ldapwhoami -Z -H ldap://ipa1.sj.bps -D > 'cn=simon,cn=users,cn=accounts,dc=sj,dc=bps' -W > Enter LDAP Password: > ldap_bind: Invalid credentials (49) > > The database has a password: > [root@ipa1 ~]# ldapsearch -D "cn=Directory Manager" -x -W -b > uid=simon,cn=users,cn=accounts,dc=sj,dc=bps uid userPassword > Enter LDAP Password: > # extended LDIF > # > # LDAPv3 > # base <uid=simon,cn=users,cn=accounts,dc=sj,dc=bps> with scope subtree > # filter: (objectclass=*) > # requesting: uid userPassword > # > > # simon, users, accounts, sj.bps > dn: uid=simon,cn=users,cn=accounts,dc=sj,dc=bps > uid: simon > userPassword:: e1NTSEE1MTJ9RnF3M1VpeEdmallFU1l4YVdRR2dCbFdUQnY0OExsKzNld1lJSzF > UR015ci9WMkJ6TWxaQy9WSXVxUDJYVlRuMURMOVMxeEFpcVBqTFZZRWM4Z0R5cHdpcVNRZytBalZi > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1
These same steps work for me. This is the typical way to set passwords in IPA. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
