On Fri, Dec 17, 2010 at 13:25, Simo Sorce <sso...@redhat.com> wrote:
>> I have recently upgraded one of our server from Fedora 13 to 14.
>> Recently, I noticed that I cannot reset user passwords any more:
>> A database error occurred: Operations error: Failed to update password
>> The log file contains the following entries:
>> [16/Dec/2010:10:47:08 -0500] ipa_pwd_extop - encoding asn1
>> EncryptionKey failed [16/Dec/2010:10:47:08 -0500] ipa_pwd_extop -
>> encoding asn1 KrbSalt failed [16/Dec/2010:10:47:08 -0500]
>> ipa_pwd_extop - key encryption/encoding failed
>> Packages:
>> 389-ds-base-
>> ipa-server-1.2.2-5.fc14.x86_64
>> This appears similar to a bug reported a couple of weeks ago:
>> https://bugzilla.redhat.com/show_bug.cgi?id=658832
>> Although the above report is related to ipa-getkeytab rather than
>> ipa-passwd. If they are the same issue, then this bug is more serious
>> since I can't create new users or allow password changes.
> Yes it is almost certainly the same issue, as the ipa-pwd-exop plugin
> handles all password changes and keytab issuance.
>> Does anyone have a status on this?
> We have a patch for the v2 version of the plugins but haven't yet found
> the time to backport to 1.2.2.
> A workaround is to downgrade DS to a version not compiled with openldap
> libs (or recompile it with mozldap).
> If you look in this list archives you will also find that Thomas Sailer
> has created a backport of the patch and posted a srpm on his fedora
> people page.
> We hope to address the issue as soon as possible, but we are short on
> time in this period.

No problem, thanks for the response. For reference, the archived post
with link to the SRPM is here:




Freeipa-users mailing list

Reply via email to