Hi,
There was similar topic 5 years ago, but the problem wasn't completely solved.
I've set `olcPasswordHash` to `{SASL}`, so ldappaswd is no longer smashing
`userPassword` attribute.
I get the same error which Tim Watts encountered 5 years ago.
https://www.openldap.org/lists/openldap-technical/201302/msg00190.html
namely, ldappaswd says:
Result: Other (e.g., implementation specific) error (80)
Additional info: scheme provided no hash function
Tim wrote:
However, the kerberos principle does get updated - and userPassword is left alone.
In my case I just get the error and the kerberos password is NOT updated.
Also, 9 years ago it was asked
(https://www.openldap.org/lists/openldap-software/200909/msg00010.html):
- salspasswd2 calls sasl_setpass(), and a look at OpenLDAP sources
shows that passwd_extop()/slap_sasl_setpass() does the same. That
suggests it is possible to have slapd doing the thing, but how does
it works? In passwd_extop(), slap_sasl_setpass() will only be
called if op-o_bd is NULL. In what situation does it happen?
But the question is not answered.
Does anyone remember how passwd_extop() works and how to get into
the if-statement block with call to slap_sasl_setpass()?
