Now, I can read the userPassword field (after the migration process) but I still can't change my password from the ui. I just got :
kerberos ticket is no longer valid. 2012/9/20 James James <[email protected]> > It will be fine to have this info in the doc. > > > 2012/9/20 Rob Crittenden <[email protected]> > >> Dmitri Pal wrote: >> >>> On 09/20/2012 01:42 PM, Rob Crittenden wrote: >>> >>>> James James wrote: >>>> >>>>> You 're right. The request return : >>>>> >>>>> Enter LDAP Password: >>>>> # extended LDIF >>>>> # >>>>> # LDAPv3 >>>>> # base <cn=users,cn=accounts,dc=**example,dc=com> with scope subtree >>>>> # filter: uid=test >>>>> # requesting: userPassword >>>>> # >>>>> >>>>> # test, users, accounts, example.com <http://example.com> >>>>> dn: uid=test,cn=users,cn=accounts,**dc=example,dc=com >>>>> >>>>> # search result >>>>> search: 2 >>>>> result: 0 Success >>>>> >>>>> Can you explain me what happens ? >>>>> >>>>> Is there a solution ? >>>>> >>>> >>>> When migrating you need to bind as a user that has read permission on >>>> the userPassword attribute in the remote LDAP server. >>>> >>> >>> Rob should we check if we can read the userPassword attribute and if not >>> fail migration? >>> Should we open a ticket for this? >>> Also I do not think we document the expectation that you vocalized above. >>> >> >> I'll open a ticket to spell this out in the docs. >> >> Checking it in the command would be nice but I don't know about fatal. >> Still, I'll open a ticket for that as well. >> >> rob >> > >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
