Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1795960
Description of problem: Expecting appropriate error message when new password length is less than 8 characters when ldap_pwmodify_mode = ldap_modify in sssd.conf Version-Release number of selected component (if applicable): sssd-1.16.4-37.el7.x86_64 How reproducible: Always Steps to Reproduce: 1. Setup sssd client with the rhds server and enable passwordCheckSyntax on server [root@ci-vm-10-0-153-118 ~]# ldapsearch -xLLL -p 389 -h localhost -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep passwordCheckSyntax passwordCheckSyntax: on 2. Add ldap_pwmodify_mode = ldap_modify in sssd.conf [root@ci-vm-10-0-153-121 ~]# cat /etc/sssd/sssd.conf [sssd] config_file_version = 2 services = nss, pam domains = example1 [domain/example1] ldap_search_base = dc=example,dc=test id_provider = ldap auth_provider = ldap ldap_user_home_directory = /home/%u ldap_uri = ldaps://server.example.com use_fully_qualified_names = True debug_level = 9 ldap_pwmodify_mode = ldap_modify 3. Try to change password of a user Actual results: [foo9@example1@ipaqavmh /]$ passwd Changing password for user foo9@example1. Current Password: New password: <password like red_12> Retype new password: <password like red_12> passwd: all authentication tokens updated successfully. Here I provided a new password having a length less than 8 characters but still, it's giving a message of successful password change. from log, (Wed Jan 29 05:14:55 2020) [sssd[be[example1]]] [sdap_process_result] (0x2000): Trace: sh[0x5587f4bdd960], connected[1], ops[0x5587f4bfbb90], ldap[0x5587f4bfdb80] (Wed Jan 29 05:14:55 2020) [sssd[be[example1]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_MODIFY] (Wed Jan 29 05:14:55 2020) [sssd[be[example1]]] [sdap_modify_done] (0x1000): ldap_modify result: Constraint violation(19), invalid password syntax - password must be at least 8 characters long (Wed Jan 29 05:14:55 2020) [sssd[be[example1]]] [sdap_op_destructor] (0x2000): Operation 3 finished (Wed Jan 29 05:14:55 2020) [sssd[be[example1]]] [sdap_modify_passwd_done] (0x0400): Password change for [uid=foo9,ou=People,dc=example,dc=test] was successful Expected results: Must give a proper error message when new password length is less than 8 characters. Additional info:
Metadata Update from @pbrezina: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1795960
Metadata Update from @pbrezina: - Issue assigned to pbrezina
Metadata Update from @pbrezina: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1795960 https://bugzilla.redhat.com/show_bug.cgi?id=1795220 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1795960)
PR https://github.com/SSSD/sssd/pull/979
Metadata Update from @pbrezina: - Issue tagged with: PR
master
sssd-1-16
Metadata Update from @pbrezina: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/5106
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.