Issue #876 has been updated by Clément OUDOT.
Category set to Self Service Password
Target version set to self-service-password-?
Could you see in 389 directory logs what happens when password is changed with
Bug #876: ssp portal email link failing to correctly update 389 directory
server user password
Author: janet h
Category: Self Service Password
Target version: self-service-password-?
Changing a user's 389 directory server password from the main ssp page (version
self-service-password-0.9-1.el5.noarch.rpm) by entering their old LDAP password
works properly and changes the LDAP password in the database. This password
can then be used to login to other LDAP systems.
However, using the $use_tokens = true option and changing a password via the
emailed link, changes the password hash, but doesn't set the new password it
to the inputted value given by the user. The result is that the user can't
use the "changed" password used to access any LDAP sources and it has to be
reset via the 389-ds software.
However, you can use the password set by the password link in the "Old
password" field on the ssp main page to update your password. This process
works and the 389-ds database is updated properly, allowing the user to login
to other LDAP systems. However, from the messages sent during this process I
don't think this was the intention of the email link. It's quite a convoluted
process, and the emailed password change link should simply update the database
password to the inputted value.
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
ltb-dev mailing list