[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC

Marius P. wrote:

I am trying to change a password for ldap entry using ldappasswd -vx
-D "cn=root,dc=test,dc=com" -w foobarr
"uid=mariusp,ou=people,dc=test,dc=com" and reply I get is:

Result: Other (e.g., implementation specific) error (80)
Additional info: password hash failed

I am running openldap on Solaris 10 latest on SPARC. It is in testing
meaning there is nothing special about its configuration all defaults.
Database has two entries just to play with.

I haven't bothered to compile it myself so just downloaded openldap
2.4.11 from sunfreeware.com with required prerequisits such as
Berkeley DB, SASL, openssl etc.

Everything works fine except this weird problem which looks like a bug.

Password checking (binding) works fine if I manually change
userPassword: attribute no matter what algorithm prefix I use be it
SSHA, crypt or MD5. That tells me that it can succesfully check and
run those algorithms however something breaks when it tries to change
the password like it couldn't hash that supplied password.

Wondering if anyone exprienced similar problem and have any comments
or findings.

As far as I understand, that message could only appear if hashing failed inside the specific hashing mechanism call. Unfortunately, the failure reason depends on what hashing is being used. Can you tell what you set as "password-hash" in slapd.conf(5)? In case, I suggest you file an ITS.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------