[Date Prev][Date Next]
simple bind doesn't work
perhaps this is a newby problem, but I'm not getting over it
I can't change the password of my LDAP users using either
ldappasswd or passwd with the correct pam-stack settings.
Authentication and accounting is no problem. I can use
every service I want (su, ssh, proftp, login and so on).
If I try to change the password (using ldpapasswd) of a
user which is already authenticated through LDAP (for example with ssh)
the log tells me that only authenticated users are able to change
the password and that strong authentication must be used
(very strange behaviour).
If I'm doing the same using passwd (with configured pam-stack)the
log tells me that there is no object corresponding to the user.
Errornumber 32 is reported, which says, the the user couldn't be
found on the ldap server.
Here a snippet out of the log:
slapd: Mod dn="uid=malcolmx, ou=people, ou=division, ou=company"
slapd: conn=44 op=5 Result tag=103 err=32 text=
pam_ldap: ldap_modify_s No such object
So my first idea was that my ACL's are the problem, but I've set
them with read access for everyone (Tried also to swap the entrys).
Here my ACL's:
access to attr=userPassword
by self write
by * auth
by * read
access to * by * read
So the problem is that I can't bind as user to the DIT and therefore
couldn't change my password. So far so bad :-((, but I have no idea
why I couldn't bind as an ordinary user with my ACLS.
So if anyone reading this SOS message has an idea I would apreciate
P.S.: Please excuse my poor englisch!!!!
Tel: (Germany) 06131/708290