SelfService change password.
by Kiselev Mikhail
I met with the problem that the user cannot update his own password
ipa user-show new
User login: new
First name: new
Last name: new
Home directory: /home/new
Login shell: /bin/bash
Principal name: new(a)OPENTECH.LOCAL
Principal alias: new(a)OPENTECH.LOCAL
Email address: new(a)e2e4online.ru
UID: 346726108
GID: 100
Account disabled: False
Password: True
Member of groups: ipausers, users
Indirect Member of group: jira_users, grafana_users, asterisk_users,
perspectiva_rdp, bamboo_users, nexus_users, bitbucket_users,
moodle_users, harbor_users, inkass_rdp, desktop, confluence_users,
jenkins_users, maven_users, ivideon_users,
chat_users, mail_users, nextcloud_users
Indirect Member of HBAC rule: login_users
Kerberos keys available: True
ipa user-status new
-----------------------
Account disabled: False
-----------------------
Server: ipareplica1.opentech.local
Failed logins: 0
Last successful authentication: N/A
Last failed authentication: N/A
Time now: 2021-01-12T06:58:47Z
Server: ipareplica2.opentech.local
Failed logins: 0
Last successful authentication: N/A
Last failed authentication: N/A
Time now: 2021-01-12T06:58:47Z
Server: ipa.opentech.local
Failed logins: 0
Last successful authentication: N/A
Last failed authentication: N/A
Time now: 2021-01-12T06:58:47Z
----------------------------
Number of entries returned 3
----------------------------
ipa -vv passwd
ipa: INFO: trying https://ipa.opentech.local/ipa/session/json
ipa: INFO: Request: {
"id": 0,
"method": "ping",
"params": [
[],
{}
]
}
ipa: INFO: Response: {
"error": null,
"id": 0,
"principal": "new(a)OPENTECH.LOCAL",
"result": {
"messages": [
{
"code": 13001,
"data": {
"server_version": "2.231"
},
"message": "API Version number was not sent, forward
compatibility not guaranteed. Assuming server's API version, 2.231",
"name": "VersionMissing",
"type": "warning"
}
],
"summary": "IPA server version 4.6.6. API version 2.231"
},
"version": "4.6.6"
}
ipa: INFO: [try 1]: Forwarding 'command_defaults/1' to json server
'https://ipa.opentech.local/ipa/session/json'
ipa: INFO: Request: {
"id": 0,
"method": "command_defaults/1",
"params": [
[
"passwd/1"
],
{
"kw": null,
"params": [
"principal"
],
"version": "2.231"
}
]
}
ipa: INFO: Response: {
"error": null,
"id": 0,
"principal": "new(a)OPENTECH.LOCAL",
"result": {
"result": {
"principal": "new(a)OPENTECH.LOCAL"
}
},
"version": "4.6.6"
}
ipa: INFO: [try 1]: Forwarding 'command_defaults/1' to json server
'https://ipa.opentech.local/ipa/session/json'
ipa: INFO: Request: {
"id": 0,
"method": "command_defaults/1",
"params": [
[
"passwd/1"
],
{
"kw": {
"principal": "new(a)OPENTECH.LOCAL"
},
"params": [
"current_password"
],
"version": "2.231"
}
]
}
ipa: INFO: Response: {
"error": null,
"id": 0,
"principal": "new(a)OPENTECH.LOCAL",
"result": {
"result": {}
},
"version": "4.6.6"
}
Current Password:
New Password:
Enter New Password again to verify:
ipa: INFO: [try 1]: Forwarding 'command_defaults/1' to json server
'https://ipa.opentech.local/ipa/session/json'
ipa: INFO: Request: {
"id": 0,
"method": "command_defaults/1",
"params": [
[
"passwd/1"
],
{
"kw": null,
"params": [
"principal"
],
"version": "2.231"
}
]
}
ipa: INFO: Response: {
"error": null,
"id": 0,
"principal": "new(a)OPENTECH.LOCAL",
"result": {
"result": {
"principal": "new(a)OPENTECH.LOCAL"
}
},
"version": "4.6.6"
}
ipa: INFO: [try 1]: Forwarding 'passwd/1' to json server
'https://ipa.opentech.local/ipa/session/json'
ipa: INFO: Request: {
"id": 0,
"method": "passwd/1",
"params": [
[],
{
"current_password": "test",
"password": "123",
"version": "2.231"
}
]
}
ipa: INFO: Response: {
"error": {
"code": 2100,
"data": {
"info": "Insufficient access rights"
},
"message": "Insufficient access: Insufficient access rights",
"name": "ACIError"
},
"id": 0,
"principal": "new(a)OPENTECH.LOCAL",
"result": null,
"version": "4.6.6"
}
ipa: ERROR: Insufficient access: Insufficient access rights
3 years, 2 months
389ds replication - ERR - slapi_ldap_bind - Could not send bind request for id
by lejeczek
Hi guys,
I'm trying to set up replication for a non-IPA database
following RHEL's docs, I'm on Centos Stream, and I get errors:
....
[01/Feb/2021:11:25:38.854769282 +0000] - ERR -
slapi_ldap_bind - Could not send bind request for id
[cn=replication manager,cn=config] authentication mechanism
[SIMPLE]: error -1 (Can't contact LDAP server), system error
-5987 (Invalid function argument.), network error 0 (Unknown
error, host "dzien.private:636")
[01/Feb/2021:11:25:38.856822436 +0000] - ERR -
NSMMReplicationPlugin - bind_and_check_pwp -
agmt="cn=swir-dzien-agreement" (dzien:636) - Replication
bind with SIMPLE auth failed: LDAP error -1 (Can't contact
LDAP server) (error:0407008A:rsa
routines:RSA_padding_check_PKCS1_type_1:invalid padding)
[01/Feb/2021:11:25:41.874045655 +0000] - ERR -
slapi_ldap_bind - Could not send bind request for id
[cn=replication manager,cn=config] authentication mechanism
[SIMPLE]: error -1 (Can't contact LDAP server), system error
-5987 (Invalid function argument.), network error 0 (Unknown
error, host "dzien.private:636")
...
Instructions seem rather solid & easy to follow. What am I
missing when you look at the errors?
many thanks, L.
3 years, 2 months