Description of problem: When chain on update feature is enabled and userpassword attribute value has to be updated on bind (eg due to new default password storage scheme) the update_pw_encoding() logs WARNing messages like these [26/Aug/2022:15:00:51.987076753 +0000] - WARN - update_pw_encoding - Could not read password attribute on '<DN>' Regardless of whether or not a local bind should chain update_pw_encoding(), the message is misleading so it should be addressed either by chaining such updates if needed or not attempting them in the first place for remote backends. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
diff --git a/ldap/servers/slapd/bind.c b/ldap/servers/slapd/bind.c index a1f00005c..e76207c55 100644 --- a/ldap/servers/slapd/bind.c +++ b/ldap/servers/slapd/bind.c @@ -799,7 +799,8 @@ do_bind(Slapi_PBlock *pb) * if it was successful, and if we used a PW (else we replace the pw * with the token, which would be bad!) */ - if (pb_conn->c_bind_auth_token == 0 && config_get_enable_upgrade_hash()) { + if (pb_conn->c_bind_auth_token == 0 && config_get_enable_upgrade_hash() && + !slapi_be_is_flag_set(be, SLAPI_BE_FLAG_REMOTE_DATA)) { update_pw_encoding(pb, bind_target_entry, sdn, cred.bv_val); } This blind fix should silence it however the problem should probably be addressed in the chain on update feature instead.