[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: NSS/PAM_LDAP Management

Greg schrieb:
>    ... I've been using LDAPXplorer under PHP-3 to create
>    accounts, but that does not create home directories, figure out group
>    mappings and the like. How do you guys do it?

Five thausand? ... I assume you won´t insert all accounts
manually, would you?

Using the Migration scripts would be best, I think.

> 2. When I attempt to change a password from the command line now, I get
>    th following dialog. Any pointers would be helpful..
> [root@tori openldap]# passwd
> New UNIX password:
> Retype new UNIX password:
> Enter login(LDAP) password:
> New password:
> Re-enter new password:
> LDAP password information update failed: Insufficient access
> passwd: all authentication tokens updated successfully

Have you controlled your log files for further information?
Sounds to me as if the password attributes are not writeable for
the user pam_ldap is running with. In fact I don´t know which
user pam_ldap uses to bind with, maybe it is the current user.
If so, userPassword should be configured self-writeable in the

I am interested in the solution as well... so if nobody minds,
please send the result to the list.