[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: rootbinddn & passwd as root
Heres my fix (and backassword typo[s] uncovered)
Make sure you have "rootbinddn" uncommented in your ldap.conf. Passwd
needs to bind as someone who can modify the password entries in ldap. You
have to make sure that your /etc/ldap.secret exists with the correct
password, this file needs to have to newlines after your password (use
`echo secretpass > /etc/ldap.secret`) otherwise you will run into
problems.
2 Problems I had. The rootbinddn line in ldap.conf had
cn=manager,dc=domain,dc=com in single quotes! openldap does not like
this. Just dont use any quotes like this:
rootbinddn cn=manager,dc=domain,dc=com
Here is my pam.d/passwd
--snip
#%PAM-1.0
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_pwdb.so shadow nullok
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so retry=3
type=aerospace
password sufficient /lib/security/pam_ldap.so authtok use_first_pass
password required /lib/security/pam_pwdb.so authtok use_first_pass
md5 shadow
--snip
Good luck!!!
Caylan
On 29 Jul 2002, Tony Earnshaw wrote:
> fre, 2002-07-26 kl. 22:17 skrev Caylan Van Larson:
>
> > [root@betamax pam.d]# passwd caylan
> > Changing password for user caylan.
> > passwd: User not known to the underlying authentication module
>
> Now I'm stuck with this, too.
>
> Best,
>
> Tony
>
> --
>
> Tony Earnshaw
>
> The usefulness of RTFM is vastly overrated.
>
> e-post: tonni@billy.demon.nl
> www: http://www.billy.demon.nl
> gpg public key: http://www.billy.demon.nl/tonni.armor
>
> Telefoon: (+31) (0)172 530428
> Mobiel: (+31) (0)6 51153356
>
> GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
> 3BE7B981
>
>
>