389 DS integration issues
412 views
Skip to first unread message
Laszlo Tornoci
Aug 7, 2013, 5:18:15 AM8/7/13
to pwm-g...@googlegroups.com
Hi,
I've recently discovered PWM. I think it's very nice, so I decided to integrate it into our LDAP based central auth system. I am working on translating PWM trunk strings to Hungarian. I can post the translation in a few days.
However, I also encountered a few issues as well. We use the open source 389 Directory Server. I managed to add the object class and ACIs that PWM needs, and many things work as expected (changing passwords, updating profile data, storing security responses), but e.g. when a user tries to activate an account I get this error:
PWM 5046
An error occurred while unlocking your account. Please contact your administrator. { 5046 ERROR_UNLOCK_FAILURE (unable to unlock user uid=testuser,ou=People,dc=semmelweis-univ,dc=hu error: [LDAP: error code 16 - No Such Attribute]) }
According to the LDAP logs PWM tries to delete the 'pwdaccountlockedtime' attribute, which doesn't exist in 389DS.
I also saw this: https://groups.google.com/forum/#!searchin/pwm-general/389/pwm-general/nuEEfg8jO4k/V72kFysP55QJ (Helpdesk unlock account in 389 DS).
One of the nice thing about PWM is the Helpdesk module, so I'd really like to fix these problems. I am not a java programmer, but I am willing to experiment a bit with the source. Which parts should I look at?
Yours: Laszlo
I've recently discovered PWM. I think it's very nice, so I decided to integrate it into our LDAP based central auth system. I am working on translating PWM trunk strings to Hungarian. I can post the translation in a few days.
However, I also encountered a few issues as well. We use the open source 389 Directory Server. I managed to add the object class and ACIs that PWM needs, and many things work as expected (changing passwords, updating profile data, storing security responses), but e.g. when a user tries to activate an account I get this error:
PWM 5046
An error occurred while unlocking your account. Please contact your administrator. { 5046 ERROR_UNLOCK_FAILURE (unable to unlock user uid=testuser,ou=People,dc=semmelweis-univ,dc=hu error: [LDAP: error code 16 - No Such Attribute]) }
According to the LDAP logs PWM tries to delete the 'pwdaccountlockedtime' attribute, which doesn't exist in 389DS.
I also saw this: https://groups.google.com/forum/#!searchin/pwm-general/389/pwm-general/nuEEfg8jO4k/V72kFysP55QJ (Helpdesk unlock account in 389 DS).
One of the nice thing about PWM is the Helpdesk module, so I'd really like to fix these problems. I am not a java programmer, but I am willing to experiment a bit with the source. Which parts should I look at?
Yours: Laszlo
Menno Pieters
Aug 7, 2013, 2:54:28 PM8/7/13
to pwm-g...@googlegroups.com
The unlock code is in a related project called LdapChai. Please post an enhancement request for that project.
- Menno--
You received this message because you are subscribed to the Google Groups "pwm-general" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pwm-general...@googlegroups.com.
To post to this group, send email to pwm-g...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pwm-general/b6b73d26-211b-4ffa-a96b-6a1dba7d249b%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Laszlo Tornoci
Aug 8, 2013, 12:16:05 PM8/8/13
to pwm-g...@googlegroups.com
Thank you Menno. Here it is: http://code.google.com/p/ldapchai/issues/detail?id=11
Looks like it is quite easy to fix.
Yours: Laszlo
Looks like it is quite easy to fix.
Yours: Laszlo
bela....@gmail.com
Sep 25, 2014, 2:00:54 PM9/25/14
to pwm-g...@googlegroups.com
Still no fix for this? Actually just being able to remap pwdaccountlockedtime to another attribute or disable the unlocking would suffice.
solomon...@gmail.com
Mar 9, 2015, 7:59:06 PM3/9/15
to pwm-g...@googlegroups.com, bela....@gmail.com
According to https://code.google.com/p/ldapchai/issues/detail?id=11 this has been fixed, yet it is still happening to me. Any thoughts?
Reply all
Reply to author
Forward
0 new messages