Issue #876 has been updated by Clément OUDOT.

Category set to Self Service Password
Target version set to self-service-password-?

Could you see in 389 directory logs what happens when password is changed with 
the token?
Bug #876: ssp portal email link failing to correctly update 389 directory 
server user password

Author: janet h
Status: New
Priority: High
Assigned to: 
Category: Self Service Password
Target version: self-service-password-?

Changing a user's 389 directory server password from the main ssp page (version 
self-service-password-0.9-1.el5.noarch.rpm) by entering their old LDAP password 
works properly and changes the LDAP password in the database.  This password 
can then be used to login to other LDAP systems.

 However, using the $use_tokens = true option and changing a password via the 
emailed link, changes the password hash,  but doesn't set the new password it 
to the inputted value given by the user.   The result is that the user can't 
use the "changed" password used to access any LDAP sources and it has to be 
reset via the 389-ds software.

However, you can use the password set by the password link in the "Old 
password" field on the ssp main page to update your password.   This process 
works and the 389-ds database is updated properly, allowing the user to login 
to other LDAP systems.   However, from the messages sent during this process I 
don't think this was the intention of the email link.   It's quite a convoluted 
process, and the emailed password change link should simply update the database 
password to the inputted value.

You have received this notification because you have either subscribed to it, 
or are involved in it.
To change your notification preferences, please click here:
ltb-dev mailing list

Reply via email to