Openldap

更新 sambaPwdLastSet 時出現錯誤的屬性類型

  • March 21, 2014

我正在嘗試為使用者重置密碼到期(實際上為此設置了一個半自動過程),這讓我哭了:

伺服器是openldap slapd:2.4.28-1.1ubuntu4.2

$ ldapsearch -x -b dc=internal,dc=brazzers,dc=com uid=jenna sambaPwdLastSet sambaPwdMustChange
# jenna, People, internal.brazzers.com
dn: uid=jenna,ou=People,dc=internal,dc=brazzers,dc=com
sambaPwdLastSet: 1395420463
sambaPwdMustChange: 1398098896

測試輸出:

$ cat <<EOF
dn: uid=jenna,ou=People,dc=internal,dc=brazzers,dc=com
changetype: modify
replace: sambaPwdLastSet 
sambaPwdLastSet: $(date -u +%s)
-
replace: sambaPwdMustChange
sambaPwdMustChange: $(date -u -d "+1 month" +%s)
-

EOF

結果是:

dn: uid=jenna,ou=People,dc=internal,dc=brazzers,dc=com
changetype: modify
replace: sambaPwdLastSet 
sambaPwdLastSet: 1395421165
-
replace: sambaPwdMustChange
sambaPwdMustChange: 1398099565
-

好的,讓我們這樣做:

$ cat <<EOF | ldapmodify -D cn=admin,dc=internal,dc=brazzers,dc=com -W
dn: uid=jenna,ou=People,dc=internal,dc=brazzers,dc=com
changetype: modify
replace: sambaPwdLastSet 
sambaPwdLastSet: $(date -u +%s)
-
replace: sambaPwdMustChange
sambaPwdMustChange: $(date -u -d "+1 month" +%s)
-

EOF
Enter LDAP Password: 
ldapmodify: wrong attributeType at line 4, entry "uid=jenna,ou=People,dc=internal,dc=brazzers,dc=com"

什麼?怎麼可能是錯的?

啊!尾隨空格的又一次攻擊!

我有一個尾隨空格,replace: sambaPwdLastSet就像:

使用 ldapadd 時出現“錯誤的屬性類型”

引用自:https://serverfault.com/questions/583744