[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: using kpasswd with ldap db (0.7.2)
"Eric Ortego" <ericortego@gmail.com> writes:
> My directory hold the kerberos db and was working great untill I
> upgraded to 0.7.2
> What stopped working was kpasswd. I can no longer change a users
> password with it.
> This is the error I get, which is output twice for each passwd change attempt:
>
> [kpasswdd] Changing password for eric@MYDOMAIN.COM
> [kpasswdd] kadm5_s_chpass_principal_cond: ldap_modify_s:
> eric@MYDOMAIN.COM (dn=uid=eric,ou=people,dc=mydomain,dc=com) Type or
> value exists: krb5EncryptionType: value #0 provided more than once
>
> The only way I am able to use kpasswd to update passwords is by first
> deleting the entry for krb5EncryptionType
>
> Is this a known bug or possibly some configuration option I have
> overlooked that fixes this?
I think its a bug somewhere where the krb5EncryptionType is set, but I
can't figure out what it is. If you have time to debug the code its in
lib/hdb/hdb-ldap.c:LDAP_entry2mods() where the krb5EncryptionType is set.
if you can't find the error, you can just comment out the while "if
(ent->etypes) { " section in that file.
Love
PGP signature