Changing passwords used to be problematic, and this is due to how OpenLDAP is built by default. OpenLDAP compiles with it's own MD5 before using the system (crypt(3)) MD5, which makes OpenLDAP look for passwords in a different MD5 format than the crypt(3) MD5 format. Reversing this order fixes the problem and makes OpenLDAP use crypt(3) MD5 first, which means that we can now use pam_ldap to change passwords (the user's login password will be identical to the LDAP password). This has been patched in the Mandrake Linux OpenLDAP updates in MDKA-2003:009; other distributions may or may not have this patch applied. If you do not, you can download the openldap-2.0.27-slapd-Makefile.patch and patch your own OpenLDAP installation (a rebuild would be required).The logs show this for when I try to login with bobsmith(User created with ldap, password successfully changed, but can't log in with it), and with a user who is imported from /etc/passwd(can't change password, tells me incorrect, although it does allow the user to login to the system using ldap solely):
I would say try folowing link.you need to put slapd.conf some sort of hashesTry this link it is all about mandrake but it also woks on redhathttp://www.mandrakesecure.net/en/docs/ldap-auth2.php
Yossef Korang <firstname.lastname@example.org> wrote:Ok, I try to change the password with a user imported from /etc/passwd, and it always tells me LDAP password incorrect.
Its using pam authentication.
jawed abbasi wrote:
how did you create dthis user bobsmith and set his password. I would create a system user and then migrate it to Ldap if you are a beginer. did you hash the password if you did what did you use I would create user on linux in /etc/passwd and migrate it into ldap and use authentication. what kind of authenticatio you are using TLS or pam or krebros ? There is whole bunch of questions to ask --- Yossef Korang <email@example.com> wrote:Ok, I create a test user, called bobsmith, and set the password in LDAP. Now when I try to log in with bobsmith, it tells me password incorrect(Using a cleartext password). When I issue passwd, it asks for password, I put it in(it accepts it) and then asks for the new password. I make a new password for the test user this way, and when I try to log in with him, I still can't. Any suggestions on what is going wrong would be greatly appreciated. Thanks, Yossef Korang__________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!