I'm still trying to reproduce this problem. el5 i386 does not
problem - now trying el5 x86_64
Well, I got 1 step closer. Along with users not being able to login, when
they reset their passwords (done via a perl module; which worked before the
upgrade), it would update ldap, but they still couldn't login. Then taking a
shot in the dark in the code that updated/created the password instead of
passing an SSHA'd password to ldap update command, I now pass a plaintext
password and it works.
Is it possible that in the latest 389 version, that the values for the
userPassword attributes are being stored/read differently?