Kurt,
This section says: A Password Modify request is an ExtendedRequest with the requestName field containing passwdModifyOID OID and optionally provides a requestValue field. The rfc does not specify what is the expected server behaviour when the extension contains only the passwdModifyOID and no value. My guess is that this will cause the server to generate a password for the
identity which is currently bound on the connection on which the request was
recieved and hence the server is required to return the generated password in
the extended response.
Also in section 2, the rfc says:
If oldPasswd is present and the provided value cannot be
verified or
is incorrect, the server SHALL NOT change the user password. In this case, what is the LDAP error that the server should send bac to the
client.
Prasad
|
_______________________________________________ Ldapext mailing list Ldapext@ietf.org https://www1.ietf.org/mailman/listinfo/ldapext