I've used slapppasswd. The password was something like: {SSHA}xxxxxxxxxxxxxxxx
Some time ago, before having applied the password policy settings, i've changed
the olcPasswordHash FROM {MD5} to {SSHA}.
Almost all users should now have {SSHA} passwords.
-----Original Message-----
From: Michael Ströder [mailto:[email protected]]
Sent: Donnerstag, 27. Oktober 2011 09:20
To: Marco Weber
Cc: [email protected]
Subject: Re: password-policy configuration problems: cannot change passwords
Marco Weber wrote:
> Ok, I've changed the password:
> ldapmodify -D cn=username,dc=domain,dc=tld -W
> dn: cn=username,dc=domain,dc=tld
> changetype: modify
> replace: userPassword
> userPassword: TheNewValue
>
> then i tried to change the password using ldappasswd:
> ldappasswd -D cn=username,dc=domain,dc=tld -S -W New password:
> Re-enter new password:
> Enter LDAP Password:
> Result: Constraint violation (19)
> Additional info: Password policy only allows one password value
What was TheNewValue? If you have password-hash {SSHA} this has to be a
pre-hashed password. Use slappasswd to generate one.
Ciao, Michael.
