Hi,

I am configuring native ldapd (OBSD 5.4) for user authentication.
But it seems I can't use ldappasswd to modify a userPassword.

Here's how the object is configured:
# ldapsearch -H ldap://localhost -D "cn=admin,dc=local" -w vierge -b "dc=local" "cn=email"
(...)
# email, users, local
dn: cn=email,ou=users,dc=local
objectClass: top
objectClass: person
cn: email
sn: Account used for e-mail services
userPassword:: dmllcmdl

Here's the command I use to modify the password:
# ldappasswd -H ldap://localhost -D "cn=admin,dc=local" -w vierge -S "cn=email,ou=users,dc=local"
New password: 
Re-enter new password: 
Result: Protocol error (2)

On the daemon side, I get:
(...)
Feb 28 12:13:49.203 [18750] accepted connection from 127.0.0.1 on fd 12
Feb 28 12:13:49.204 [18750] consumed 37 bytes
Feb 28 12:13:49.204 [18750] got request type 0, id 1
Feb 28 12:13:49.204 [18750] bind dn = cn=admin,dc=local
Feb 28 12:13:49.204 [18750] successfully authenticated as cn=admin,dc=local
Feb 28 12:13:49.204 [18750] sending response 1 with result 0
Feb 28 12:13:49.204 [18750] consumed 71 bytes
Feb 28 12:13:49.204 [18750] got request type 23, id 2
Feb 28 12:13:49.204 [18750] got extended operation 1.3.6.1.4.1.4203.1.11.1
Feb 28 12:13:49.204 [18750] unimplemented extended operation 1.3.6.1.4.1.4203.1.11.1
Feb 28 12:13:49.204 [18750] sending response 24 with result 2
Feb 28 12:13:49.204 [18750] consumed 7 bytes
Feb 28 12:13:49.204 [18750] got request type 2, id 3
Feb 28 12:13:49.204 [18750] current bind dn = cn=admin,dc=local
Feb 28 12:13:49.204 [18750] end-of-file on connection 12
Feb 28 12:13:49.204 [18750] closing connection 12
(...)

If I run this command:
# ldapmodify -H ldap://localhost -D "cn=admin,dc=local" -w vierge  
dn: cn=email,ou=users,dc=local
changetype: modify
replace: userPassword
userPassword: newP4ss

modifying entry "cn=email,ou=users,dc=local"

Then the userPassword is properly changed.
Isn't it possible to use ldappasswd to do such an operation?
Or am I just misusing it?

TIA,
  Jo
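
Added example, not part of the original post: a small decoder for the numeric values in the ldapd trace above, using the protocolOp tags and result codes from RFC 4511 and the OID of the RFC 3062 Password Modify extended operation, which is the request ldappasswd sends. The names `annotate` and `SAMPLE_LOG` are hypothetical; the log lines are copied from the post with the wrapped line rejoined.

```python
import re

# LDAP protocolOp application tags (RFC 4511) that appear in this trace.
PROTOCOL_OPS = {0: "BindRequest", 1: "BindResponse", 2: "UnbindRequest",
                23: "ExtendedRequest", 24: "ExtendedResponse"}
# LDAP result codes (RFC 4511) that appear in this trace.
RESULT_CODES = {0: "success", 2: "protocolError"}
# Extended operation OIDs; this one is what ldappasswd sends.
EXTENDED_OPS = {"1.3.6.1.4.1.4203.1.11.1": "Password Modify (RFC 3062)"}

# Log lines copied from the post (the wrapped line rejoined).
SAMPLE_LOG = """\
Feb 28 12:13:49.204 [18750] got request type 0, id 1
Feb 28 12:13:49.204 [18750] sending response 1 with result 0
Feb 28 12:13:49.204 [18750] got request type 23, id 2
Feb 28 12:13:49.204 [18750] got extended operation 1.3.6.1.4.1.4203.1.11.1
Feb 28 12:13:49.204 [18750] unimplemented extended operation 1.3.6.1.4.1.4203.1.11.1
Feb 28 12:13:49.204 [18750] sending response 24 with result 2
Feb 28 12:13:49.204 [18750] got request type 2, id 3
"""

LINE_RE = re.compile(r"^\w{3} +\d+ [\d:.]+ \[\d+\] (.*)$")

def annotate(log_text):
    """Return (annotated messages, [(oid, name)] of rejected extended ops)."""
    out, unsupported = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip "(...)" markers and blank lines
        msg, note = m.group(1), None
        if (r := re.match(r"got request type (\d+), id \d+", msg)):
            note = PROTOCOL_OPS.get(int(r.group(1)), "unknown op")
        elif (r := re.match(r"sending response (\d+) with result (\d+)", msg)):
            op = PROTOCOL_OPS.get(int(r.group(1)), "unknown op")
            res = RESULT_CODES.get(int(r.group(2)), "other result")
            note = f"{op}, {res}"
        elif (r := re.match(r"unimplemented extended operation (\S+)", msg)):
            name = EXTENDED_OPS.get(r.group(1), "unknown OID")
            unsupported.append((r.group(1), name))
            note = name
        out.append(f"{msg}  <- {note}" if note else msg)
    return out, unsupported

if __name__ == "__main__":
    for entry in annotate(SAMPLE_LOG)[0]:
        print(entry)
```

Read this way, the "Protocol error (2)" that ldappasswd prints is the server's ExtendedResponse to a Password Modify request it logs as unimplemented, while the ldapmodify path shown in the post uses an ordinary modify operation.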
