Univention Bugzilla – Full Text Bug Listing |
Summary: | Samba 4.9.x - connector password change | ||
---|---|---|---|
Product: | UCS | Reporter: | Felix Botner <botner> |
Component: | S4 Connector | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Felix Botner <botner> |
Severity: | enhancement | ||
Priority: | P5 | CC: | gohmann, requate |
Version: | UCS 4.4 | ||
Target Milestone: | UCS 4.4 | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=49905 | ||
What kind of report is it?: | Feature Request | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 48084 | ||
Attachments: | password.py.patch |
Description
Felix Botner
2018-11-13 13:16:18 CET
Created attachment 9741 [details]
password.py.patch
this works for me
Yes, the S4-Connector did a naive DELETE of the old and ADD of the new hashes, but this DELETE/ADD has a special semantics in Active Directory: https://ldapwiki.com/wiki/Passwords%20Using%20LDIF Since we don't have clear text passwords, we cannot use the DELETE/ADD, and should use MODIFY instead (i.e. administrative password reset). Patch committed to branch arequate/samba-4.9, package built in release-scope ucs_4.3-0-samba-4.9 (version 12.0.2-38A~4.3.0.201811131626). please merge to 4.4 Merged and rebuilt, changelog-4.4.0.xml adjusted. OK - merged OK - connector OK - changelog UCS 4.4 has been released: https://docs.software-univention.de/release-notes-4.4-0-en.html https://docs.software-univention.de/release-notes-4.4-0-de.html If this error occurs again, please use "Clone This Bug". |