Nordgren, Bryce L -FS wrote:
>> Someone has reported an issue with password migration where 389-ds is
>> rejecting the passwords with: passwords with storage scheme are not
>> allowed. That may be part of the problem.
> That was me, but the context was 'ipa user-add' with a password hash rather
> than migrate-ds. Although it makes sense that 389 ds would act the same
> regardless of how I attempt to store the password. How can I check to see
> whether the passwords made it to freeipa? The migrate-ds script didn't
> complain, but I don't know where to look for logfiles.
I don't think a bug ever got logged for that, at least I can't find one.
Can you confirm? If not I'll get one logged.
The log file for the migration is in /var/log/httpd/error_log.
To see if passwords migrated, pick a migrated user and do a search as
Directory Manager for the userPassword attribute:
$ ldapsearch -x -D 'cn=Directory Manager' -W -b
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project