[Date Prev][Date Next]
Re: Users cannot change passwords
Sorry -- forgot to send to the list ...
In system-auth, I have the following:
password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_ldap.so use_first_pass
password sufficient /lib/security/pam_unix.so nullok use_authtok
md5 shadow use_first_pass
password required /lib/security/pam_deny.so
Notice in particular that pam_ldap comes before
pam_unix. Does that change anything?
Tibbetts, Ric wrote:
I've been staring as this to long.
I have a new OpenLDAP server, running on Solaris 9. The clients are a
combination of Solaris, and Redhat 8.0 & 9
Users can authenticate, and log into the clients just fine. But they
cannot change their password.
Using the "passwd" command gets the following:
# > passwd
Changing password for <user>
passwd: Authentication token manipulation error
Rather than try to quess at what config files to post, and clog up the
list, I put up a quick web site with the relevant config files, and
some specifics of software versions, and compile options, etc.
If anyone has a moment, could you take a look at it, and let me know
what I missed?
The site is:
Thank you in advance.
NOTE: I can point these same clients to my other LDAP server (running
on native Solaris Directory Server), and all works fine. The big
difference in configuration between the two is the use of encrypted
passwords. The Native Solaris Directory Server is NOT running with
encrypted passwords, the OpenLDAP server is.
I suspect this problem to be related to that.
As always, any help will be greatly appreciated!