389-ds-base

Clone
Source Code
GIT

#544 insufficient access to unhashed#user#password pseudo attribute when performing modify oprerations
Closed: wontfix None Opened 11 years ago by bmoney312.

Closed: wontfix
Reopen Issue

Hello,

We are running version 1.2.10.14 and we have run into a problem with access to the unhashed#user#password attribute during modify operations.

The directory server returns err=50 insufficient access to the unhashed#user#password attribute when updating the userPassword attribute. This happens even though the user performing the operation has full access to the userPassword attribute.

I believe our problem is tracked by the ticket below:

https://fedorahosted.org/389/ticket/455

https://fedorahosted.org/389/attachment/ticket/455/0001-Trac-Ticket-455-Insufficient-rights-to-unhashed-user.patch

However, since userPassword is a multivalued attribute, does this patch account for attribute adds as well as deletes? I do not see a case for LDAP_MOD_ADD in the switch statement but perhaps I'm missing something. I can reproduce this issue with both userPassword attribute add and attribute delete operations, but replace works just fine as expected.

We are currently using an aci that explicitly allows full access to the unhashed#user#password attribute as a work around.

Thanks, Brendan

Brendan,

This should of been fixed in ticket 394 for 1.3.0

Is there anyway you can test the latest version?

Also here is the patch or 1.3.0:

https://fedorahosted.org/389/attachment/ticket/394/0001-Ticket-394-modify-delete-userpassword.patch

Thanks,
Mark

Closing as works for me, as it works in the latest version 1.3.0.

Thanks, Mark. We are planning to test but have not done so yet. Will report back if we find 1.3.0 does not solve our problem.

Metadata Update from @mreynolds:
- Issue assigned to rmeggins
- Issue set to the milestone: N/A
7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/544

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Invalid)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
major
None
None
Community
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.