From 15eb343b9c235a1ca3a6cc48f730590949d439ec Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Wed, 23 Jul 2014 13:03:57 +0200 Subject: Allow hashed passwords in DS Without nsslapd-allow-hashed-passwords being turned on, user password migration fails. https://fedorahosted.org/freeipa/ticket/4450 Reviewed-By: Alexander Bokovoy --- freeipa.spec.in | 4 ++-- install/updates/10-config.update | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/freeipa.spec.in b/freeipa.spec.in index 5e0fe961f..50262f7fb 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -86,7 +86,7 @@ Group: System Environment/Base Requires: %{name}-python = %{version}-%{release} Requires: %{name}-client = %{version}-%{release} Requires: %{name}-admintools = %{version}-%{release} -Requires: 389-ds-base >= 1.3.2.19 +Requires: 389-ds-base >= 1.3.2.20 Requires: openldap-clients > 2.4.35-4 Requires: nss >= 3.14.3-12.0 Requires: nss-tools >= 3.14.3-12.0 @@ -122,7 +122,7 @@ Requires: zip Requires: policycoreutils >= %{POLICYCOREUTILSVER} Requires: tar Requires(pre): certmonger >= 0.65 -Requires(pre): 389-ds-base >= 1.3.2.19 +Requires(pre): 389-ds-base >= 1.3.2.20 Requires: fontawesome-fonts Requires: open-sans-fonts diff --git a/install/updates/10-config.update b/install/updates/10-config.update index 1512b3601..30fafbf9e 100644 --- a/install/updates/10-config.update +++ b/install/updates/10-config.update @@ -63,3 +63,8 @@ addifnew:nsSaslMapPriority: 10 # Can be removed when https://fedorahosted.org/389/ticket/47457 is fixed dn: cn=config only:nsslapd-sasl-max-buffer-size:2097152 + +# Allow hashed passwords to be added by non-DM users. Without this +# setting, password migration fails +dn: cn=config +only:nsslapd-allow-hashed-passwords:on -- cgit