openldap password fails to update

Stéphane Guedon Fri, 07 Mar 2014 05:27:07 -0800

Hello everybody.

I am currently finishing my openbsd server. Most of installation gone 
pretty well :-).


I run now in openldap. I successfully installed the server and 
launched it in chroot for security.

My problem is weird : using ldapadd, I can add peoples and stuff.

ldapadd -x -D "cn=admin,dc=22decembre,dc=eu" -w secret -f stef.ldif             
                                                                                
                                        
adding new entry "uid=test,ou=users,dc=22decembre,dc=eu"

But when I try to change this user password it fails :

# ldappasswd  -x -v -D "uid=test,ou=users,dc=22decembre,dc=eu" \
-w somesecret -s anothersec
ldap_initialize( <DEFAULT> )
Result: Other (e.g., implementation specific) error (80)
Additional info: password hash failed


and when looking in logs I don't see why it fails !

Mar  7 10:29:35 blackblock slapd[26351]: => slap_access_allowed: auth 
access granted by auth(=xd) 
Mar  7 10:29:35 blackblock slapd[26351]: => access_allowed: auth 
access granted by auth(=xd) 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=0 BIND 
dn="uid=test,ou=users,dc=22decembre,dc=eu" mech=SIMPLE ssf=0 
Mar  7 10:29:35 blackblock slapd[26351]: do_bind: v3 bind: 
"uid=test,ou=users,dc=22decembre,dc=eu" to 
"uid=test,ou=users,dc=22decembre,dc=eu" 
Mar  7 10:29:35 blackblock slapd[26351]: send_ldap_result: conn=1014 
op=0 p=3 
Mar  7 10:29:35 blackblock slapd[26351]: send_ldap_result: err=0 
matched="" text="" 
Mar  7 10:29:35 blackblock slapd[26351]: send_ldap_response: msgid=1 
tag=97 err=0 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=0 RESULT tag=97 
err=0 text= 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: activity on 1 
descriptor 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: activity on:
Mar  7 10:29:35 blackblock slapd[26351]:  22r
Mar  7 10:29:35 blackblock slapd[26351]:  
Mar  7 10:29:35 blackblock slapd[26351]: daemon: read activity on 22 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=6 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=7 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: connection_get(22) 
Mar  7 10:29:35 blackblock slapd[26351]: connection_get(22): got 
connid=1014 
Mar  7 10:29:35 blackblock slapd[26351]: connection_read(22): checking 
for input on id=1014 
Mar  7 10:29:35 blackblock slapd[26351]: op tag 0x77, time 1394184575 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: activity on 1 
descriptor 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: waked 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=6 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=7 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=1 do_extended 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=1 EXT 
oid=1.3.6.1.4.1.4203.1.11.1 
Mar  7 10:29:35 blackblock slapd[26351]: do_extended: 
oid=1.3.6.1.4.1.4203.1.11.1 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=1 PASSMOD new 
Mar  7 10:29:35 blackblock slapd[26351]: 
bdb_dn2entry("uid=test,ou=users,dc=22decembre,dc=eu") 
Mar  7 10:29:35 blackblock slapd[26351]: send_ldap_extended: err=80 
oid= len=0 
Mar  7 10:29:35 blackblock slapd[26351]: send_ldap_response: msgid=2 
tag=120 err=80 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=1 RESULT oid= 
err=80 text=password hash failed 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: activity on 1 
descriptor 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: activity on:
Mar  7 10:29:35 blackblock slapd[26351]:  22r
Mar  7 10:29:35 blackblock slapd[26351]:  
Mar  7 10:29:35 blackblock slapd[26351]: daemon: read activity on 22 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=6 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: connection_get(22) 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=7 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: connection_get(22): got 
connid=1014 
Mar  7 10:29:35 blackblock slapd[26351]: connection_read(22): checking 
for input on id=1014 
Mar  7 10:29:35 blackblock slapd[26351]: op tag 0x42, time 1394184575 
Mar  7 10:29:35 blackblock slapd[26351]: ber_get_next on fd 22 failed 
errno=0 (Undefined error: 0) 
Mar  7 10:29:35 blackblock slapd[26351]: connection_read(22): input 
error=-2 id=1014, closing. 
Mar  7 10:29:35 blackblock slapd[26351]: connection_closing: readying 
conn=1014 sd=22 for close 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: activity on 1 
descriptor 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: waked 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=6 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: select: listen=7 
active_threads=0 tvp=NULL 
Mar  7 10:29:35 blackblock slapd[26351]: connection_close: deferring 
conn=1014 sd=22 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=2 do_unbind 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 op=2 UNBIND 
Mar  7 10:29:35 blackblock slapd[26351]: connection_resched: 
attempting closing conn=1014 sd=22 
Mar  7 10:29:35 blackblock slapd[26351]: connection_close: conn=1014 
sd=22 
Mar  7 10:29:35 blackblock slapd[26351]: daemon: removing 22 
Mar  7 10:29:35 blackblock slapd[26351]: conn=1014 fd=22 closed

There's another thing strange, maybe related to the problem : 
slappasswd never gives the same result !

# slappasswd                                                                    
                                                                                
                                          
New password: 
Re-enter new password: 
{SSHA}8ip4+k3gVAN6Gggf2szhJxo052sI3Fyc
# slappasswd  
New password: 
Re-enter new password: 
{SSHA}JvduTI/JAX1G9AhtlCYEjNHl/6DbE6hs

Does any of you can suggest what's wrong ? Do you need other 
information ?

Thanks in advance !

openldap password fails to update

Reply via email to