Hi,
I was able to set up the PWM 2.0.8 docker container along with a PostgreSQL docker container.
I managed to (as I think) configure everything correctly with my AD on a Windows Server 2008 R2 and a TOTP verification for password reset.
When trying to reset a forgotten password I get:
"{ 4006 PASSWORD_BADPASSWORD (error setting password for user 'CN=User,OU=IT,OU=business,DC=enterprise,DC=domain,DC=local (default)'' javax.naming.NoPermissionException: [LDAP: error code 50 - 00000005: SecErr: DSID-031A11CC, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
]) }"
I suspected this is a problem of my password policy on the AD, but when resetting the same password from the AD directly it works.
The proxy user has been granted all the permissions following these steps:
Right-click in users OU > Delegate Control.
Add PWM_Proxy(proxy user) > Create custom task > User objects > Property-specific.
Select all the permissions (including ldif imported ones).
The only attribute that is not on my AD’s list is objectClass.
The User container DN I selected is: OU=business,DC=enterprise,DC=domain,DC=local; it contains all the OUs with users.
This only happens when resetting a forgotten password; when I try to change a password after logging in to PWM with a user, it works correctly.
Has anybody found a solution to this problem?
Thank you in advance.
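
A diagnostic check for the error above, added here as an example and not part of the original post: in Active Directory, setting a password without supplying the old one is authorized by the "Reset Password" control access right, which is separate from the property-specific permissions. The script below lists what the proxy account is actually granted on the affected user object and whether that object still inherits the OU delegation. The DN and the account name PWM_Proxy come from the post; it assumes the ActiveDirectory PowerShell module (RSAT) is available and only inspects ACEs granted directly to the proxy account, not to groups it belongs to.

```powershell
# Added example: inspect the ACL that PWM's proxy account is evaluated against.
# DN and account name are taken from the post; adjust for your directory.
Import-Module ActiveDirectory

$userDn    = 'CN=User,OU=IT,OU=business,DC=enterprise,DC=domain,DC=local'
$proxyName = 'PWM_Proxy'

# rightsGuid of the "Reset Password" control access right (User-Force-Change-Password)
$resetPasswordRight = [guid]'00299570-246d-11d0-a768-00aa006e0529'
$anyRight           = [guid]::Empty   # an ACE with an empty ObjectType covers all extended rights

$acl  = Get-Acl -Path "AD:\$userDn"
$user = Get-ADUser -Identity $userDn -Properties adminCount

# ACEs granted directly to the proxy account (domain prefix is matched with a wildcard)
$aces = @($acl.Access | Where-Object { $_.IdentityReference.Value -like "*\$proxyName" })

# ACEs that carry the ExtendedRight bit for Reset Password (GenericAll includes that bit)
$extended  = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight
$resetAces = @($aces | Where-Object {
    ($_.ActiveDirectoryRights -band $extended) -and
    ($_.ObjectType -eq $resetPasswordRight -or $_.ObjectType -eq $anyRight)
})

[pscustomobject]@{
    User               = $userDn
    # True means the object does not inherit ACEs delegated on the parent OU
    InheritanceBlocked = $acl.AreAccessRulesProtected
    # 1 means the account is (or was) covered by AdminSDHolder protection
    AdminCount         = $user.adminCount
    ProxyAceCount      = $aces.Count
    ResetPasswordAllow = @($resetAces | Where-Object { $_.AccessControlType -eq 'Allow' }).Count
    ResetPasswordDeny  = @($resetAces | Where-Object { $_.AccessControlType -eq 'Deny' }).Count
} | Format-List

# Full detail of every ACE held by the proxy account on this object
$aces |
    Select-Object AccessControlType, ActiveDirectoryRights, ObjectType, IsInherited |
    Format-Table -AutoSize
```

A result with `ResetPasswordAllow` of 0, or with `InheritanceBlocked` set to True, means the OU-level delegation is not reaching this object for password resets, which matches an INSUFF_ACCESS_RIGHTS response on reset while a user-initiated change still succeeds.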