Password not changing - AD with pwmDB

Alberto Zeledon

unread,

Apr 10, 2013, 1:53:21 PM4/10/13

to pwm-g...@googlegroups.com

I delegated rights in my AD to all the users in my domain to change and reset passwords, yet when I try to change my password (I have domain admin rights as well) I get the following error.

New password does not meet requirements. Please try using a different password. { 4038 PASSWORD_UNKNOWN_VALIDATION (error setting password for user 'CN=Al Zeledon,cn=users,dc=lab,dc=boomi,dc=com'' com.novell.ldapchai.exception.ChaiPasswordPolicyException: [LDAP: error code 53 - 00002077: SvcErr: DSID-03190E49, problem 5003 (WILL_NOT_PERFORM), data 0 ]) }

I know the password meets all requirements....where should I look??

thanks

AL

Jim Willeke

unread,

Apr 10, 2013, 2:29:09 PM4/10/13

to pwm-general

Usually, when changing a password, this error is returned when you are not using LDAPS cor your connection.

To change a password in AD you need to use LDAPS.

--

-jim
Jim Willeke

--
You received this message because you are subscribed to the Google Groups "pwm-general" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pwm-general...@googlegroups.com.
To post to this group, send email to pwm-g...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg/pwm-general/-/FSlgKwv-dh8J.
For more options, visit https://groups.google.com/groups/opt_out.

Jason Rivard

unread,

Apr 10, 2013, 2:38:47 PM4/10/13

to pwm-general

Most likely your ldap connection isnt secure.

--

Alberto Zeledon

unread,

Apr 10, 2013, 3:36:35 PM4/10/13

to pwm-g...@googlegroups.com

Throw me a bone here !!! Does anybody know how to do enable secure connections to AD (Windows Server 2008 R2) and PWM running on Linux (Redhat)

Thanks for any help here.

AL

Jim Willeke

unread,

Apr 10, 2013, 3:52:21 PM4/10/13

to pwm-general

This should get LDAPS working.

http://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx

You should download a good LDAP browser to test with. I like Apache Studio.

Use the browser to confirm you can make a LDAPS connection.

Once the above is working, you will need to import the certificate from the LDAP server into PWM as described in the "Secure LDAP Connection" section of the PWM Administration Manual.

--

-jim
Jim Willeke

To view this discussion on the web visit https://groups.google.com/d/msg/pwm-general/-/daQYbiClb4EJ.

Alberto Zeledon

unread,

Apr 10, 2013, 6:34:25 PM4/10/13

to pwm-g...@googlegroups.com

Thanks very much...you guys are life savers !!!

AL

Reply all

Reply to author

Forward