Bug 213574

Summary: User management by Yast of users stored in LDAP - decline user password
Product: [openSUSE] SUSE Linux 10.1 Reporter: Milan Znamenacek <mznamenacek>
Component: YaST2Assignee: Jiří Suchomel <jsuchome>
Status: RESOLVED FIXED QA Contact: Jiri Srain <jsrain>
Severity: Major    
Priority: P5 - None CC: reitenbach
Version: Final   
Target Milestone: ---   
Hardware: i686   
OS: SuSE Linux 10.1   
Whiteboard:
Found By: Customer Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: y2logs from reporter

Description Milan Znamenacek 2006-10-19 07:22:06 UTC 
I have a user accont stored in LDAP with a password created in other application (not in Yast) with encryption algorithm SSHA. Password is stored in LDAP as {SSHA}xxxxxxxx.
After editing of user in Yast (no changes in password), user is stored in LDAP and  password string is changed as {crypt}{SSHA}yyyyyyyy. Pam-ldap is not able to authenticate this user.
Comment 1 Jiří Suchomel 2006-10-20 08:54:24 UTC 
Please attach YaST log files (/var/log/YaST2 directory) from the session when yast2-users replaced the password.
Comment 2 Jiří Suchomel 2006-10-23 09:17:41 UTC 
Created attachment 102250 [details]
y2logs from reporter
Comment 3 Jiří Suchomel 2006-10-23 12:37:12 UTC 
What does "ldapsearch -x susePasswordHash" say?
Comment 4 Jiří Suchomel 2006-10-23 13:08:07 UTC 
Hm, CRYPT I assume. The problem is that with different algorithm, yast2-users didn't recognize that the value was not changed
Comment 5 Jiří Suchomel 2006-10-23 13:30:39 UTC 
Lowering the priority, as non-standard way was used. The patch is easy, I'd like to submit it for SL10.2 and SLES10-SP1.
Comment 8 Jiří Suchomel 2006-10-24 08:50:44 UTC 
Fixed in yast2-users-2.13.31
Comment 9 Jiří Suchomel 2007-01-17 14:45:13 UTC 
*** Bug 220780 has been marked as a duplicate of this bug. ***