> > That was me, but the context was 'ipa user-add' with a password hash
> rather than migrate-ds. Although it makes sense that 389 ds would act the
> same regardless of how I attempt to store the password. How can I check to
> see whether the passwords made it to freeipa? The migrate-ds script didn't
> complain, but I don't know where to look for logfiles.
>
> I don't think a bug ever got logged for that, at least I can't find one.
> Can you confirm? If not I'll get one logged.

It didn't. My message to the list was the initial "is this a bug or am I being 
dumb?" question. Until now, there was no response.

No reported errors during migration, but a bunch of warnings:
[Thu Jul 17 11:21:37.703752 2014] [:error] [pid 4534] ipa: WARNING: GID number 
65534 of migrated user SOMEUSER does not point to a known group.

Turns out admin and test.user have userPassword and nobody else does. So: only 
accounts which were created by the server install or for which I manually reset 
the password.

Bryce






This electronic message contains information generated by the USDA solely for 
the intended recipients. Any unauthorized interception of this message or the 
use or disclosure of the information it contains may violate the law and 
subject the violator to civil or criminal penalties. If you believe you have 
received this message in error, please notify the sender and delete the email 
immediately.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to