CentOS 7.x Configuring php based page for LDAP password change for 389-DS

From Notes_Wiki

Home > CentOS > CentOS 7.x > Web Based Tools > CentOS 7.x Configuring php based page for LDAP password change for 389-DS

Steps for CentOS 6.x are mentioned at Configuring php based page for LDAP password change

After following those steps, comment old $encoded_newpassword and set new value to:

   //$encoded_newPassword = "{SHA}" . base64_encode( pack( "H*", sha1( $newPassword ) ) );
   $encoded_newPassword =  $newPassword;

without these following error would be displayed:

   E201 - Your password cannot be change, please contact the administrator.
   19 - Constraint violation
   Your password was not changed.

The issue was suspected because /var/log/dirsrv/slapd-389ds/access had following lines:

   [21/Feb/2017:10:07:52.207971315 +0000] conn=23 fd=64 slot=64 SSL connection from 127.0.0.1 to 127.0.0.1
   [21/Feb/2017:10:07:52.219518509 +0000] conn=23 TLS1.0 256-bit AES
   [21/Feb/2017:10:07:52.219715417 +0000] conn=23 op=0 SRCH base="dc=example,dc=com" scope=2 filter="(|(uid=saurabh)(mail=saurabh))" attrs=ALL
   [21/Feb/2017:10:07:52.220916033 +0000] conn=23 op=0 RESULT err=0 tag=101 nentries=1 etime=0
   [21/Feb/2017:10:07:52.221605169 +0000] conn=23 op=1 SRCH base="uid=saurabh,ou=People,dc=example,dc=com" scope=2 filter="(|(uid=saurabh)(mail=saurabh))" attrs="* ou uid mail passwordRetryCount passwordHistory aci"
   [21/Feb/2017:10:07:52.221934897 +0000] conn=23 op=1 RESULT err=0 tag=101 nentries=1 etime=0
   [21/Feb/2017:10:07:52.222531617 +0000] conn=23 op=2 BIND dn="uid=saurabh,ou=People,dc=example,dc=com" method=128 version=3
   [21/Feb/2017:10:07:52.222952013 +0000] conn=23 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=saurabh,ou=people,dc=example,dc=com"
   [21/Feb/2017:10:07:52.224311631 +0000] conn=23 op=3 RESULT err=19 tag=103 nentries=0 etime=0
   [21/Feb/2017:10:07:52.224321036 +0000] conn=23 op=3 MOD dn="uid=saurabh,ou=People,dc=example,dc=com", invalid password syntax
   [21/Feb/2017:10:07:52.224988954 +0000] conn=23 op=4 UNBIND
   [21/Feb/2017:10:07:52.225004469 +0000] conn=23 op=4 fd=64 closed - U1

suggesting issue with the password syntax.

Refer http://stackoverflow.com/questions/10553081/change-password-using-ldif-file


Home > CentOS > CentOS 7.x > Web Based Tools > CentOS 7.x Configuring php based page for LDAP password change for 389-DS