Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FreeIPA - password change works only for users with "System: change user password" permission. #122

Open
tennaen opened this issue Jan 16, 2017 · 2 comments
Open

FreeIPA - password change works only for users with "System: change user password" permission. #122

tennaen opened this issue Jan 16, 2017 · 2 comments

Comments

@tennaen
Copy link

tennaen commented Jan 16, 2017
edited
Loading

As metioned above. When i am trying to reset password for user, who has admin rights in IPA, there is no problem with password change. When i do same thing to a normal user i get "LDAP: error code 50 - Insufficient 'write' privilege to the 'ipaNTHash' attribute"
My proxy user has permissions to change password.
I am using PWM 1.8.0.
@zwolfinger
Copy link

I have the same problem. Recently enbled ipaNTHash on the FreeIPA server so we could use RADIUS with MSCHAP on our switches.

@ondj
Copy link

ondj commented Feb 8, 2018

For me works this command:

ipa selfservice-mod --attrs=ipaNTHash "Self can write own password"

This adds permission to edit ipaNTHash own field.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zwolfinger @ondj @tennaen