[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4576) EXOP password modify doesn't reset pwdMustChange in same connection
The fix applied to HEAD (ppolicy-1.80) didn't work when applied to 2.3.24, I get the same
error.
Here is the complete python script. I changed it to do a search afterwards
instead of a write. You will need python-ldap installed.
#!/usr/bin/env python
# -*- coding: ISO-8859-1 -*-
import ldap
import ldap.modlist
import sys
import random
import time
BASE = "dc=example,dc=com"
user = "uid=joaozinho,ou=people,dc=example,dc=com"
filter = "(uid=joaozinho)"
oldpassword = "secret"
newpassword = "newsecret"
SERVER_URI = "ldap://10.0.2.200"
sleeptime = 5
ld = ldap.initialize(SERVER_URI)
ld.protocol_version = ldap.VERSION3
print "Binding"
res = ld.bind_s(user, oldpassword, ldap.AUTH_SIMPLE)
print "Sending exop"
res = ld.passwd(user, oldpassword, newpassword)
print "Sleeping %d seconds" % sleeptime
time.sleep(sleeptime)
print "Searching this user"
res = ld.search_s(BASE, ldap.SCOPE_SUBTREE, filter)
print res
print "Done."
# vim: ts=4
Before running it I always reset the "joaozinho" user:
#!/bin/bash
ldappasswd -h 10.0.2.200 -x -D 'uid=Unix Admin,ou=System Accounts,dc=example,dc=com' -w unixadmin -s secret uid=joaozinho,ou=people,dc=example,dc=com
ldapmodify -h 10.0.2.200 -x -D 'uid=Unix Admin,ou=System Accounts,dc=example,dc=com' -w unixadmin <<EOF
dn: uid=joaozinho,ou=people,dc=example,dc=com
changetype: modify
replace: pwdReset
pwdReset: TRUE
EOF