RE: configure OpenLDAP to allow directory users - change pass

["Anne Moore" <diabeticithink@yahoo.com>]

We've tried the ldappasswd on the clients and receive this error: 

"ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
additional info: SASL(-13): user not found: no secret in database" 

Obviously something is not configure correctly.

Any ideas on this error?

Thank you

Anne

-----Original Message-----
From: openldap-software-bounces+diabeticithink=yahoo.com@OpenLDAP.org
[mailto:openldap-software-bounces+diabeticithink=yahoo.com@OpenLDAP.org] On
Behalf Of Kurt Zeilenga
Sent: Friday, September 14, 2007 2:20 AM
To: Anne Moore
Cc: openldap-software@openldap.org
Subject: Re: configure OpenLDAP to allow directory users - change pass


On Sep 13, 2007, at 3:12 PM, Anne Moore wrote:

> Hi All
>
> Does anyone know how to configure OpenLDAP to allow directory users to 
> change their own passwords?
>
> I've using Openldap-2.2.13-7.4E (on my RedHat server)
>
> As it is now, I have to change everyone's directory password for them 
> and the security department isn't liking it.

What do ldappasswd(1) and/or ldapmodify(1) say when changing the directory
user's password when run as the user (instead of you or the Directory
Manager)?

Note: If the users are using some other software, you might have a problem
with that software.  But before raising an issue (on a list about the other
software, not here) you should make sure things work using only OpenLDAP
Software.  So, even if your users aren't using these tools, you should test
with them (as a user) before doing anything else.

-- Kurt