I have a user:
[root@gomer ~]# ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b "uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxxxx -x # extended LDIF # # LDAPv3 # base <uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us> with scope subtree # filter: (objectclass=*) # requesting: ALL #
# testuser, People, gomer.mdah.state.ms.us dn: uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us uid: testuser cn: test user telephoneNumber: 5766888 roomNumber: IS homePhone: 3738042 givenName: test sn: user mail: testuser@dc=mdah,dc=state,dc=ms,dc=us objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount objectClass: sambaSamAccount shadowWarning: 7 loginShell: /bin/bash uidNumber: 501 gidNumber: 101 homeDirectory: /home/testuser gecos: test user,IS,5766888,3738042 sambaSID: S-1-5-21-2139886109-2393431639-217723040-2002 sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000 00000000 sambaLMPassword: xxxxxxxxxxxxxxxxxxxxxxx sambaNTPassword: xxxxxxxxxxxxxxxxxxxxxxx sambaPwdMustChange: 1196173997 sambaPwdLastSet: 1196174310 sambaAcctFlags: [U ] shadowLastChange: 13844 shadowMax: 99999 userPassword:: e0NSWVBUfWNyTxxxxxxxxxxxxxxx=
# search result search: 2 result: 0 Success
# numResponses: 2 # numEntries: 1
and an ldif file:
[root@gomer ~]# cat testuserchangepassword.ldif dn: uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us changetype: modify userPassword: {CRYPT}crLJzfHxxxxxxxx
and I runt he command to change it, but then the password isn't changed when you do the same ldapsearch:
[root@gomer ~]# ldapmodify -D "cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxxxx -x -v -f testuserchangepassword.ldif ldap_initialize( <DEFAULT> ) replace userPassword: {CRYPT}crLJzfHxxxxxxxx modifying entry "uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" modify complete
[root@gomer ~]# ldapsearch -D 'cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us' -b "uid=testuser,ou=People,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxxxx -x|grep userPassword userPassword:: e0NSWVBUfWNyTxxxxxxxxxxx=
any idea why it says the modify is successful but its not changing the userPassword?
Adam Williams wrote:
any idea why it says the modify is successful but its not changing the userPassword?
Because the message is misleading. When ldapmodify prints "modify complete" all it has done so far is send the request to the server. It hasn't actually read the server's reply yet. Someone should probably file a big report about that. In the meantime, you should run ldapmodify with debugging enabled to see what actually happened.
ITS#5247
--On November 27, 2007 7:31:12 AM -0800 Howard Chu hyc@symas.com wrote:
Adam Williams wrote:
any idea why it says the modify is successful but its not changing the userPassword?
Because the message is misleading. When ldapmodify prints "modify complete" all it has done so far is send the request to the server. It hasn't actually read the server's reply yet. Someone should probably file a big report about that. In the meantime, you should run ldapmodify with debugging enabled to see what actually happened. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-software@openldap.org