[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: PAM _LDAP and encrypted Passwords

> Hi !
    Greetings ... I think is not OpenLDAP stuff, but pam_ldap and nss_ldap
info at www.padl.com ... but here goes ...

> Im useing openldap 2.0.7 and nss_ldap-149-1.
    Kewl ..

edit /etc/ldap.conf and find the lines and change them to what you need ...

> How can I force PAM_LDAP to store encrypted passwords, if someone
> changes hist password via passwd ?
pam_password crypt
    This will use the systems crypt to hash the password, you should find a
few others in the sample file ...

> How can I change a users password on the commandline as Root, without
> knowing hist old password ?
    rootbinddn cn=Manager,dc=example,dc=com
    This should be your root DN, then you need to create a /etc/ldap.secret
in mode 600 and put your root DN's password into this ... you should then
not be ask for the old password.  Becarful if you are using Samba, I did
this and the chat for Windows password changing changed my root password.  I
would recommend that you keep a console open to fix anything that you might
change will testing that it works.  I had to hack back into my box to fix
this problem ... hehehe ...

    There are two other options, which I thought would have done this, but
can't figure what they really are for after using this, binddn and bindpw.
If anybody else knows, put it into the list.