On Thu, May 5, 2011 at 6:40 PM, Rich Megginson <rmegg...@redhat.com> wrote:

>  On 05/05/2011 03:38 PM, Diego Woitasen wrote:
>
> Hi,
>  I have 389 DS working with Window Sync against Windows 2003. It works
> fine, including the password replication. Anyway I found that (obviusly) the
> password replication from 389 to AD works only if the client changes the
> password using "Password Modify (RFC 3062) extended operation". This works
> with the Python module or the ldappasswd utility.
>
>   The problem is the Admin Console. When you changes the user's password
> from the console, I see a MOD operation in the log file, and obviusly the
> password is not replicated to AD.
>
> As long as the new password sent to the server is clear text, it should not
> matter if you use a regular LDAP modify or the password change extop.
>
>
>   Shall I file a bug report or Am I missing something?
>
>  Regards,
>  Diego
>
> --
> Diego Woitasen
>
>
> --
> 389 users mailing 
> list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
Ok. I haven't looked at the code of the console because I don't program in
Java. I couldn't see the traffic because I use TLS/SSL.

If the replication doesn't work when I change the password from the 389
Admin Console, I think that the password is not in clear text on the modify
operation.

Regards,
 Diego

-- 
Diego Woitasen
--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

Reply via email to