[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: More on my password problem

Hi Ric

It seems to me (newbie) a ACL problem. Can you send your slapd.conf? I
think that is interesting send /etc/pam.d/passwd too.
Are there something like this in yor slapd.conf?


# ACLs
password-hash {CRYPT}
access to attribute=userPassword
        by self write
        by dn="cn=admin,dc=my,dc=domain" write
        by dn="cn=proxyagent,ou=contasIT,dc=my,dc=domain" read
        by * compare
access to *
        by * read


Best regards

                      "Tibbetts, Ric"                                                                                                        
                      <ric.tibbetts@ngc.com>           To:       openldap-software@OpenLDAP.org                                              
                      Sent by:                         cc:                                                                                   
                      owner-openldap-software@O        Subject:  More on my password problem                                                 
                      28/07/2003 14:19                                                                                                       

I stumbled on this. Aparently, my password problem is worse than I thought.

The set up:
             Server:  Solaris 9.0 w/OpenLdap 2.1.22
             client:  Redhat 8.0 & 9 with default ldap instl.

If (on the client, logged in as the user), I type passwd, I get an
Authentication error.

If (as root) I type "id <user>", I get the correct uid, and group
entries. No problem there.
But, if as root, I type "passwd -S <user>", I get: "Unknown user"

So, for some reason, the passwd command is failing to authenticate.
(BTW: The user IS able to log in. So "login" authenticates fine, it's
just passwd that doesn't).

I'd really appreciate any thoughts on this.