Ticket #139 (new defect) Opened 2 months ago Password policy prevents new users from logging in Reported by: davido Assigned to: kmacmill Priority: major Milestone: Component: ipa-server Version: Keywords: policy Cc: Description ΒΆ I just created a new user but as soon as I did and the interface returned to the View User page, it said "Password has expired". More info: Obviously enough, I couldn't log in as the new user because of this. When I went back to the server as admin and tried to update the user (by changing the password), I got a "500 - Internal Server Error". Here's what I can see in the log: 2007-11-30 14:56:10,106 ipagui.controllers ERROR CherryPy? 500 error (500 - Internal Server Error) for request 'POST /user/update' Traceback (most recent call last): File "/usr/lib/python2.5/site-packages/cherrypy/_cphttptools.py", line 105, in _run self.main() File "/usr/lib/python2.5/site-packages/cherrypy/_cphttptools.py", line 254, in main body = page_handler(*virtual_path, **self.params) File "<string>", line 3, in update File "/usr/lib/python2.5/site-packages/turbogears/controllers.py", line 344, in expose *args, **kw) File "<string>", line 5, in run_with_transaction File "/usr/lib/python2.5/site-packages/turbogears/database.py", line 312, in so_rwt retval = func(*args, **kw) File "<string>", line 5, in _expose File "/usr/lib/python2.5/site-packages/turbogears/controllers.py", line 359, in <lambda> mapping, fragment, args, kw))) File "/usr/lib/python2.5/site-packages/turbogears/controllers.py", line 386, in _execute_func output = errorhandling.try_call(func, *args, **kw) File "/usr/lib/python2.5/site-packages/turbogears/errorhandling.py", line 72, in try_call return func(self, *args, **kw) File "<string>", line 3, in update File "/usr/lib/python2.5/site-packages/turbogears/identity/conditions.py", line 235, in require return fn(self, *args, **kwargs) File "/usr/share/ipa/ipagui/subcontrollers/user.py", line 520, in update rv = client.modifyPassword(kwkrbprincipalname?, "", kw.get('userpassword')) KeyError?: 'krbprincipalname'
This bug has nothing to do with password policy. It is simply a problem with the UI. Resetting summary. A more readable stack trace is: Traceback (most recent call last): File "/usr/lib/python2.5/site-packages/cherrypy/_cphttptools.py", line 105, in _run self.main() File "/usr/lib/python2.5/site-packages/cherrypy/_cphttptools.py", line 254, in main body = page_handler(*virtual_path, **self.params) File "<string>", line 3, in update File "/usr/lib/python2.5/site-packages/turbogears/controllers.py", line 336, in expose *args, **kw) File "<string>", line 5, in run_with_transaction File "/usr/lib/python2.5/site-packages/turbogears/database.py", line 303, in so_rwt retval = func(*args, **kw) File "<string>", line 5, in _expose File "/usr/lib/python2.5/site-packages/turbogears/controllers.py", line 351, in <lambda> mapping, fragment, args, kw))) File "/usr/lib/python2.5/site-packages/turbogears/controllers.py", line 378, in _execute_func output = errorhandling.try_call(func, *args, **kw) File "/usr/lib/python2.5/site-packages/turbogears/errorhandling.py", line 73, in try_call return func(self, *args, **kw) File "<string>", line 3, in update File "/usr/lib/python2.5/site-packages/turbogears/identity/conditions.py", line 235, in require return fn(self, *args, **kwargs) File "/home/rcrit/redhat/freeipa/ipa-server/ipa-gui/ipagui/subcontrollers/user.py", line 521, in update rv = client.modifyPassword(kw['krbprincipalname'], "", kw.get('userpassword')) KeyError: 'krbprincipalname'
Created attachment 293660 [details] use different dictionary to get krbprincipalname
Committed in changeset 617
if it is "admin" who change user's password, it is success if it is user himself change the password, it has some problems. The bug for this specific scenario is at bug: 441005 https://bugzilla.redhat.com/show_bug.cgi?id=441005