ODSEE - LDAP Password "ldappasswd" Modify Extended Operation
(Doc ID 1386212.1)
Last updated on MAY 01, 2023
Applies to:
Oracle Directory Server Enterprise Edition - Version 6.0 and laterInformation in this document applies to any platform.
Symptoms
The first time attempting to run ldappasswd against a Directory Server (DS) 6.x instance, the following Insufficient access error:
./ldappasswd -p PORT -D "uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>" -w <PASSWORD>
-S uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>
New Password:
Re-enter new Password:
ldap_passwd_s: Insufficient access
-S uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>
New Password:
Re-enter new Password:
ldap_passwd_s: Insufficient access
And the corresponding output of the DS access log will look like:
[08/Jun/2007:11:39:57 +0200] conn=69 op=0 msgId=1 - BIND dn="uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>" method=128 version=3
[08/Jun/2007:11:39:57 +0200] conn=-1 op=-1 msgId=-1 - SRCH base="uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>" scope=0 filter="(|(objectclass=\*)(objectclass=ldapsubentry))" attrs=ALL
[08/Jun/2007:11:39:57 +0200] conn=-1 op=-1 msgId=-1 - RESULT err=0 tag=101 nentries=1 etime=0.000340
[08/Jun/2007:11:39:57 +0200] conn=69 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0.001320 dn="uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>"
[08/Jun/2007:11:39:57 +0200] conn=69 op=1 msgId=2 - EXT oid="1.3.6.1.4.1.4203.1.11.1"
[08/Jun/2007:11:39:57 +0200] conn=69 op=1 msgId=2 - RESULT err=50 tag=120 nentries=0 etime=0.000400, Password change feature access denied.
[08/Jun/2007:11:39:57 +0200] conn=69 op=2 msgId=3 - UNBIND
[08/Jun/2007:11:39:57 +0200] conn=-1 op=-1 msgId=-1 - SRCH base="uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>" scope=0 filter="(|(objectclass=\*)(objectclass=ldapsubentry))" attrs=ALL
[08/Jun/2007:11:39:57 +0200] conn=-1 op=-1 msgId=-1 - RESULT err=0 tag=101 nentries=1 etime=0.000340
[08/Jun/2007:11:39:57 +0200] conn=69 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0.001320 dn="uid=<USER-1000>,ou=people,dc=<SUFFIX_DN>"
[08/Jun/2007:11:39:57 +0200] conn=69 op=1 msgId=2 - EXT oid="1.3.6.1.4.1.4203.1.11.1"
[08/Jun/2007:11:39:57 +0200] conn=69 op=1 msgId=2 - RESULT err=50 tag=120 nentries=0 etime=0.000400, Password change feature access denied.
[08/Jun/2007:11:39:57 +0200] conn=69 op=2 msgId=3 - UNBIND
The first time attempting to run ldappasswd against a Directory Proxy Server (DPS) 6.x instance, the following "DSA is unwilling to perform" error:
# <DS_INSTALL>/dsee6/bin/ldappasswd -h HOSTNAME -p PORT -D "uid=<USER-x10001>,ou=people,dc=<SUFFIX_DN>" -w <PASSWORD> -A -S <USER-x10001>
1,ou=people,dc=<SUFFIX_DN>
Old Password:
New Password:
Re-enter new Password:
ldap_passwd_s: DSA is unwilling to perform
1,ou=people,dc=<SUFFIX_DN>
Old Password:
New Password:
Re-enter new Password:
ldap_passwd_s: DSA is unwilling to perform
And the DPS access log reports the following error message:
RESPONSE err=53 msg="There are no plugins defined to handle extended operation 1.3.6.1.4.1.4203.1.11.1"
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |