Bug 523568
| Summary: | rhcs80 esc - cannot enroll on some passwords when using SSHA password storage scheme | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Marc Sauton <msauton> | |
| Component: | esc | Assignee: | Jack Magne <jmagne> | |
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | urgent | |||
| Version: | 5.5 | CC: | aakkiang, alee, benl, cfu, dlackey, dpal, jgalipea, rrelyea, shaines, tao | |
| Target Milestone: | --- | |||
| Target Release: | --- | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 549540 (view as bug list) | Environment: | ||
| Last Closed: | 2009-12-22 00:03:09 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 445047, 512842, 549540, 556639 | |||
Even though this bug is fixed, I added this to the "known issues" section of the release notes, since if anyone encounters it on Windows, they may check there first. It's the last one in the table: http://elladeon.fedorapeople.org/cs/relnotes/Release_Notes-Known_Issues-new.html There are two places in the ESC guide that mention LDAP authentication, once for formatting user cards and once for formatting sec officer cards: * http://elladeon.fedorapeople.org/cs/esc/Using_the_Enterprise_Security_Client-Smart_Card_Auto_Enrollment.html * http://elladeon.fedorapeople.org/cs/esc/secmod-new.html Those two have the same note as the release notes. Verified that the bug is fixed and the doc edits for release notes and esc sections looks good. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-1687.html |
Enrollment/format/pin reset ESC operations on windows vista and XP 32 and 64 bit is successful when password string combination of {a-z} {A-Z} {0-9} {~!@#$%^&*()_+?[];} with SSHA password scheme. There is a caveat using ! character in the password. Deon, please document this: ESC exhibits a different behaviour for character ! compared to $ in the password. For password that has a character "$" : - creating a pwdhash with "$" (no escape) succeeds and entering password with $ in ESC client - authentication fails. - creating a pwdhash with "\$" (with escape) succeeds and entering password with $ in esc client - authentication works fine. When a password has character "!": - creating a pwdhash fails with error 'bash event ! not found' . - creating a pwdhash with "\!" (with escape) succeeds and entering password with ! in esc client - authentication fails. - creating a pwdhash with "\!" (with escape) succeeds and entering password with \! in esc client - authentication works fine.