Bug 421971
Summary: | Passwords are truncated to 8 characters | ||
---|---|---|---|
Product: | [Retired] 389 | Reporter: | Bob Kong <rkong> |
Component: | Security - Password Policy | Assignee: | Rich Megginson <rmeggins> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> |
Severity: | high | Docs Contact: | |
Priority: | low | ||
Version: | 1.0.2 | CC: | benl |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 1.0.4 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-02-28 03:55:43 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Bob Kong
2007-12-12 17:00:34 UTC
I've tried to reproduce the problem with Fedora DS 1.1. Steps: Login to the console as the admin user Create a new user with a password of 1234567890 In a separate window, do ldapsearch -x -D "uid=juser,ou=people,dc=example,dc=com" -w 1234567890 This works fine. Then, try ldapsearch -x -D "uid=juser,ou=people,dc=example,dc=com" -w 12345678 This gives the error - ldap_bind: Invalid credentials (49) So I believe this issue is fixed in Fedora DS 1.1. Have you tried Fedora DS 1.0.4? No I have not tried FDS 1.0.4. Is there a patch or work around for this under 1.0.2? To move to 1.0.4 would require additional testing to implement. Thanks Bob (In reply to comment #2) > No I have not tried FDS 1.0.4. Is there a patch or work around for this under > 1.0.2? To move to 1.0.4 would require additional testing to implement. I'm not aware of this being a bug in previous versions of the software, and I don't know of patches that would have fixed it. I suppose you could do a bugzilla search of Fedora and Red Hat Directory Server to see if any similar bugs have been reported. Are you using password policy? Password syntax checking? Perhaps that has something to do with it. > > Thanks > Bob Yes I am using a password policy and syntax checking. Disabling the password policy has yields the same result. I also tested this against a 1.0.4 server and passwords are handled correctly. Looks like the problem is only in 1.0.2. I'm really not sure. There were quite a few bugs fixed between 1.0.2 and 1.0.4. If you would like to see them for yourself, try this: cvs -d :pserver:anonymous.org:/cvs/dirsec diff -rFedoraDirSvr102 -rFedoraDirSvr104 ldapserver or try looking in ldapserver/ldap/servers/slapd and/or ldapserver/ldap/servers/plugins/pwdstorage |