Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-4109

The ldappasswordmodify command fails when requested through a directory proxy server

    Details

    • Type: Bug
    • Status: Dev backlog
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.5.0
    • Fix Version/s: None
    • Component/s: proxy
    • Labels:

      Description

      When requesting password modify extended operation via a proxy server, it fails with a strange error. 

      Steps to reproduce:

      1. Setup a simple PS/DS topology (cn=myself is the rootDN of DS, and the user PS uses for proxied-auth)

      2. Send a ldappasswordmodify request

      ./bin/ldappasswordmodify -h localhost -p 1390 -D "cn=myself" -w password -a u:user.2 -c password -n newpassword
      

      Current behavior:

      The LDAP password modify operation failed: 123 (Authorization Denied) Additional Information: An error occurred while attempting to map authorization ID string "u:user.2" to a user entry: An internal failure occurred while attempting to resolve ID string user.2 to a user entry: User dn:cn=internal client,cn=root dns,cn=config specified in the proxied authorization V2 control does not exist in the Directory Server
      

      Expected behavior:

      It should find the user based on the uid, and change his password.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                viktor.nawrath Viktor Nawrath
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: