[Date Prev][Date Next] [Chronological] [Thread] [Top]

More password questions

Title: More password questions

I have been working with LDAP in a Linux environment with one LDAP server/client machine and two LDAP client machines.

I have a user defined only in the LDAP data base and can authenticate from all three client environments.  Also, su and getent passwd work correctly as does id while I'm logged on as the user.

What I can't do is change the user's password (either as root or as the user).

I've tried two things, both individually and together:

1) Add the following entry to the client ldap.conf file:

pam_password exop

2) Add the following entry to the server slapd.conf:

# Restrict userPassword to be for authentication only, but allow users to modify
# their own passwords.
access to attrs=userPassword
     by self write
     by * auth

Neither change helps. The second change is actually disruptive and I can no longer login or su to the LDAP account while in that mode.

I must be missing something really basic but can't figure out what.

Confused in Anaheim....


This message contains confidential information intended only for the use of the addressee(s)

named above and may contain information that is legally privileged.  If you are not the

addressee, or the person responsible for delivering it to the addressee, you are hereby
notified that reading, disseminating, distributing or copying this message is strictly prohibited. 

If you have received this message by mistake, please immediately notify us by replying to the

message and delete the original message immediately thereafter.


Thank you.                                                                                                       FADLD Tag