Re: Changing passwords via Open LDAP OS X 10.3 Server

[Dieter Kluenter <dieter@dkluenter.de>]

Isaac Ordonez <iordonez@srcs.org> writes:

> Ok interesting.  Since PHP cannot do a simple bind is there any way to
> allow users to change their password via webmail (I'm gathering SASL
> is an auth module, would it be easy to install another module along
> side it?)

Sorry you got it wrong, PHP can only do a simple bind, it cannot
handle strong binds, and, no sasl is required for strong
authentication. 
PHP-4.2 and above can handle the function ldap_start_tls. If
your webmail application implements this function you might at least
encrypt your session. 

> Also now when I issue the ldappasswd command I get the following:
>
> mail:~ admin$ ldappasswd -x -D uid=test,dc=srcs,dc=org -W
> Enter LDAP Password:
> ldap_bind: Invalid credentials (49)

Is the distinguished name correct?
check twice :-)
Does the DN 'uid=test,dc=srcs,dc=org' exist on your system?

>  From reading some posts on the net it might have something with my
>  ACLS.  I'm still using the defaults on the server which are:

No, the error says 'Invalid credentials', that is, either the DN does not
exist or is misspelled, or the password is incorrect.
[...]
>
> Thanks so much for your time!
[...]

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de