Novell Home

Fixing Invalid Userpassword Data

Novell Cool Solutions: Feature
By Ottmar Konrad

Digg This - Slashdot This

Posted: 15 Dec 2004
 

TID 2970203 explains how to correct a problem with invalid attribute data in "userpassword," using two SCH files. But if you have ZENworks 4.x installed, the userpassword attribute is also used in several other locations. That means you will likely get a "schema in use" error when you follow TID 2970203 with ZENworks installed.

One of our Cool Solutions readers, Ottmar Konrad, came up with a quick and easy approach to get around this problem. Essentially, you add four classes to the two patch files from TID 2970203 (deluserp.sch and newuserp.sch). The modified patch files with the classes added are shown in the examples below. Once you modify the files, go ahead and deploy them the same way as described in TID 2970203. (Note: Novell does not support this approach - use it on your own.)

Example 1: Changed deluserp.sch

DelUserPassword {2 5 4 35} DEFINITIONS ::=

BEGIN
-- Modifying OBJECT User. 
-- Unix password has to be stored with each user in NIS. 
-- Take it out so we can delete it.
"User" OBJECT-CLASS ::=
{
   Operation   REMOVE,
   MayContain  {"userPassword"}
}

-- Modifying OBJECT Group.
-- Group object used in NIS should have a Password. 
-- Take it out so we can delete it.
"Group" OBJECT-CLASS ::=
{
   Operation   REMOVE,
   MayContain  {"userPassword"}
}

"zendmWakeUpPolicy" OBJECT-CLASS ::=
{
   Operation   REMOVE,
   MayContain  {"userPassword"}
}

"zendmWolService" OBJECT-CLASS ::=
{
   Operation   REMOVE,
   MayContain  {"userPassword"}
}

"zeninvRollUpPolicy" OBJECT-CLASS ::=
{
   Operation   REMOVE,
   MayContain  {"userPassword"}
}

"zeninvService" OBJECT-CLASS ::=
{
   Operation   REMOVE,
   MayContain  {"userPassword"}
}

"userPassword" ATTRIBUTE ::=
{
	Operation	REMOVE
}

END

Example 2: Changed newuserp.sch

NewUserPassword {2 5 4 35} DEFINITIONS ::=

BEGIN

-- Adding ATTRIBUTE userPassword. It stores the password.
-- This attribute is as per rfc 2256.
"userPassword" ATTRIBUTE ::=
{
	Operation	ADD,
	SyntaxID	SYN_OCTET_STRING,
	Flags { DS_SIZED_ATTR, DS_SINGLE_VALUED_ATTR, DS_SYNC_IMMEDIATE},
	LowerBound	1,
	UpperBound	128,
	ASN1ObjID	{2 5 4 35}
}

-- Modifying OBJECT User. 
-- Unix password has to be stored with each user in NIS. 
-- Add it back again, if it was deleted
"User" OBJECT-CLASS ::=
{
   Operation   MODIFY,
   MayContain  {"userPassword"}
}

-- Modifying OBJECT Group.
-- Group object used in NIS should have Password.  
-- Add it back again, if it was deleted
"Group" OBJECT-CLASS ::=
{
   Operation   MODIFY,
   MayContain  {"userPassword"}
}

"zendmWakeUpPolicy" OBJECT-CLASS ::=
{
   Operation   MODIFY,
   MayContain  {"userPassword"}
}

"zendmWolService" OBJECT-CLASS ::=
{
   Operation   MODIFY,
   MayContain  {"userPassword"}
}

"zeninvRollUpPolicy" OBJECT-CLASS ::=
{
   Operation   MODIFY,
   MayContain  {"userPassword"}
}

"zeninvService" OBJECT-CLASS ::=
{
   Operation   MODIFY,
   MayContain  {"userPassword"}
}

END


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell