Now, I can read the userPassword field (after the migration process) but I
still can't change my password from the ui. I just got :

kerberos ticket is no longer valid.


2012/9/20 James James <jre...@gmail.com>

> It will be fine to have this info in the doc.
>
>
> 2012/9/20 Rob Crittenden <rcrit...@redhat.com>
>
>> Dmitri Pal wrote:
>>
>>> On 09/20/2012 01:42 PM, Rob Crittenden wrote:
>>>
>>>> James James wrote:
>>>>
>>>>> You 're right. The request return :
>>>>>
>>>>> Enter LDAP Password:
>>>>> # extended LDIF
>>>>> #
>>>>> # LDAPv3
>>>>> # base <cn=users,cn=accounts,dc=**example,dc=com> with scope subtree
>>>>> # filter: uid=test
>>>>> # requesting: userPassword
>>>>> #
>>>>>
>>>>> # test, users, accounts, example.com <http://example.com>
>>>>> dn: uid=test,cn=users,cn=accounts,**dc=example,dc=com
>>>>>
>>>>> # search result
>>>>> search: 2
>>>>> result: 0 Success
>>>>>
>>>>> Can you explain me what happens ?
>>>>>
>>>>> Is there a solution ?
>>>>>
>>>>
>>>> When migrating you need to bind as a user that has read permission on
>>>> the userPassword attribute in the remote LDAP server.
>>>>
>>>
>>> Rob should we check if we can read the userPassword attribute and if not
>>> fail migration?
>>> Should we open a ticket for this?
>>> Also I do not think we document the expectation that you vocalized above.
>>>
>>
>> I'll open a ticket to spell this out in the docs.
>>
>> Checking it in the command would be nice but I don't know about fatal.
>> Still, I'll open a ticket for that as well.
>>
>> rob
>>
>
>
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to