Greetings FreeIPA users,

I'm setting up FreeIPA service in our production environment to replace
several different authentication methods for various systems. I'm trying to
migrate the first wave of users now My plan was to copy their passwords
from an old LDAP directory (one of the aforementioned several
authentication methods) and then send them to the migration page to finish
the job.

bslu...@ipa1.aws:~$ head techteam-passwords.ldif
dn: uid=user1001,cn=users,cn=accounts,dc=smartling,dc=int
changeType: modify
replace: userPassword
userPassword:: e1NTSE[...]
-

dn: uid=user1002,cn=users,cn=accounts,dc=smartling,dc=int
changeType: modify
replace: userPassword
userPassword:: e1NIQX[...]

Unfortunately it isn't working:

bslu...@ipa1.aws:~$ ldapmodify -x -D cn=directory\ manager -W -f
techteam-passwords.ldif
Enter LDAP Password:
modifying entry "uid=user1001,cn=users,cn=accounts,dc=smartling,dc=int"
ldap_modify: Operations error (1)

I found some possible causes of this error, and fixed them:

bslu...@ipa1.aws:~$ ipa config-show |grep migration
  Enable migration mode: TRUE

bslu...@ipa1.aws:~$ ldapsearch -x -D cn=directory\ manager -W -b cn=config
|grep allow-hashed
Enter LDAP Password:
nsslapd-allow-hashed-passwords: on

Still no soap. Any suggestions?

TIA,
-
-Ben

-- 

*Ben Slusky*Smartling, Inc. Senior Operations Engineer
bslu...@smartling.com | smartling.com <http://www.smartling.com/>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to