
Re: ldap enabled adduser, chfn, passwd, etc



The shell scripts I wrote add a user locally via adduser as usual, then
take this entry out and pass it on to migrate_passwd.pl from the migration tools,
which gives me an LDIF file which I import into the LDAP database.

The only reason I still rely on adduser is because of the shadow fields, which
I don't quite know how to generate, in particular shadowFlags.

Yes, pam_ldap can write to the database via the passwd part of it.
I just cannot change passwords in a somewhat clean way: it will always
ask for LDAP and local passwords, and fail on one of them (it depends where
the user entry is, local files or LDAP). If I put pam_ldap first in the
/etc/pam.d/passwd file, then local users will be prompted for an LDAP
password which they don't have. If they just ignore it, next they will be
prompted for their local password, which then works. And so on...



On Fri, Apr 14, 2000 at 01:55:41PM -0400, Jacob Kuntz wrote:
> but i should have worded my question differently. i'm not so much concerned
> with replacing those tools since my organization is not ready to get rid of
> the standard unix password system. this will be used to handle users of the
> mail and web system only. perhaps i'm looking for a wrapper to ldapadd that
> looks like adduser.

-- 
Andreas Hasenack
andreas@conectiva.com.br
BIG Linux user!
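
The shadow-field step discussed in the message above, as an added example (not part of the original post and not code from the migration tools): a shell function that maps one passwd(5) line and its shadow(5) line to an LDIF entry using the RFC 2307 posixAccount and shadowAccount attributes, where the ninth shadow field is named shadowFlag. The function name entry_to_ldif, the BASE_DN suffix and the sample account are assumptions made for this example.

```shell
#!/bin/sh
# Added example: build an RFC 2307 LDIF entry from one passwd(5) line and
# the matching shadow(5) line. BASE_DN is an assumed directory suffix.
BASE_DN="ou=People,dc=example,dc=com"

entry_to_ldif() {   # $1 = passwd line, $2 = shadow line
    printf '%s\n%s\n' "$1" "$2" | awk -F: -v base="$BASE_DN" '
    # Emit an attribute only when the source field is non-empty.
    function attr(name, value) { if (value != "") print name ": " value }
    NR == 1 {
        user = $1; uid = $3; gid = $4; gecos = $5; home = $6; shell = $7
        next
    }
    NR == 2 {
        if ($1 != user) {
            print "shadow line does not belong to " user > "/dev/stderr"
            exit 1
        }
        split(gecos, g, ",")          # full name is the first GECOS subfield
        print "dn: uid=" user "," base
        print "objectClass: top"
        print "objectClass: account"
        print "objectClass: posixAccount"
        print "objectClass: shadowAccount"
        print "uid: " user
        print "cn: " (g[1] != "" ? g[1] : user)   # cn is mandatory
        print "uidNumber: " uid
        print "gidNumber: " gid
        print "homeDirectory: " home
        attr("loginShell", shell)
        attr("gecos", gecos)
        if ($2 != "") print "userPassword: {crypt}" $2
        # shadow(5) fields 3..9 in order; field 9 is reserved and normally empty.
        attr("shadowLastChange", $3)
        attr("shadowMin", $4)
        attr("shadowMax", $5)
        attr("shadowWarning", $6)
        attr("shadowInactive", $7)
        attr("shadowExpire", $8)
        attr("shadowFlag", $9)
    }'
}

# Constructed sample account; the hash is a placeholder, not a real one.
entry_to_ldif 'jdoe:x:1001:100:John Doe,,,:/home/jdoe:/bin/bash' \
              'jdoe:$1$constructed$placeholderhash:11061:0:99999:7:::'
```

The output can be fed to ldapadd; because it carries a password hash, any file it is written to should be readable only by the administrator.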