[Date Prev][Date Next]
Re: (ITS#8293) ldappasswd error text
> Full_Name: Sam Darwin
> Version: openldap-2.4.31
> OS: Ubuntu 14.04
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (220.127.116.11)
> Showing informative error messages is very important, especially with complex
> software. In this case, the error was misleading, so maybe it can be
> $ ldappasswd -D "uid=exampleuser,ou=users,dc=example,dc=net"h h ldap01 -W -e
> Enter LDAP Password:
> Result: Constraint violation (19)
> Additional info: Password fails quality checking policy
> control: 18.104.22.168.22.214.171.124.126.96.36.199 false MAOBAQY=
> ppolicy: error=6 (Password is too short for policy)
> It looks like the password is too short, right?
> Actually, the problem is completely different, which I discovered after some
> -S "uid=exampleuser,ou=users,dc=example,dc=net" should also be added to that
> So, the real error was either that no password at all had been provided, or no
> user had been provided, or both. It had not even requested a new password.
> The new password was not too short, it was non-existent, which is something else
> So, my request is to make the error reporting more sophisticated here, and any
> place else that is analogous to this case. make the answer a bit more obvious.
Your report is invalid. The ldappasswd(1) manpage clearly states that if you
don't provide a new password, the server will be asked to generate one. In
this particular case, the password the server generated was too short for your
The manpage also states clearly that if you don't specify [user] DN, it will
change the password of the user that bound to the server.
The error message was correct.
Closing this ITS.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/