[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Changing passwords via Open LDAP OS X 10.3 Server


Isaac Ordonez <iordonez@srcs.org> writes:

> Hello everyone,
> I'm pretty much here on behalf of people on the Mac OS X server admin
> mailing list.
> We recently migrated to OS X 10.3 server for our mail server.  So far
> I have found the Open LDAP is the base for directory services in this
> OS. I'm not familiar with Ldap but I'm trying to take a crash course.
> I'm having problems with users being able to change their passwords
> via LDAP (and a squirrel mail LDAP plugin).  I've scoured the archives
> but nothing seems to quite pertain to my situation.  here it is:

php is not able to handle sasl, that is you can't do a strong bind
with any php application.
> When I try to bind as a user in LDAP Browser\Editor 2.8.2 (java
> program) it fails to connect.  When I bind anonymously I can see all
> my users, etc.
> If I try and run ldappasswd I get the following:
> mail:~ admin$ ldappasswd -D uid=test,dc=srcs,dc=org -W
> Enter LDAP Password:
> SASL/CRAM-MD5 authentication started
> ldap_sasl_interactive_bind_s: Internal (implementation specific) error
> (80)
>          additional info: SASL(-1): generic failure: incorrect digest
>          response

You are trying to initialise a strong bind, thus sasl is complaining.
A simple bind requires the flag -x, that is:
ldappasswd -x -D uid=test,dc=srcs,dc=org -W


Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de