[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: smbk5pwd: ldap_pvt_thread_pool_getkey fails, etc...

To: openldap-software@OpenLDAP.org
Subject: Re: smbk5pwd: ldap_pvt_thread_pool_getkey fails, etc...
From: Kris Maglione <bsdaemon@comcast.net>
Date: Fri, 03 Jun 2005 18:52:40 -0400
In-reply-to: <42A08CDB.6070009@symas.com>
References: <060320051459.1747.42A07041000070E6000006D322070029530201030A0E0B9C0D@comcast.net> <42A08CDB.6070009@symas.com>
User-agent: Mozilla Thunderbird 1.0 (X11/20041213)

That implies that the operation structure is corrupted. Most likely the slap.h you compiled against doesn't match the version of the running slapd.

Yeah... I deleted the directory and did a 'cvs update' and forgot to change the -I in the makefile to the 2.2 source tree.

I'm having another problem now, though. The change password operation now works perfectly. The {K5KEY} mechenism doesn't, however. The k5key_chk function gets called, but I can't authenticate a user. The password works fine for kinit. The account has write access to all kerberos and samba attributes. If it's important, I collect kerberos4, 5, and afs keys.

By the way, is there a way (I'm willing to write the code) to deny write access to all kerberos/samba attributes and still have an overlay change them? I want the module to be able to change the "must change" time, etc, but not the user. I also don't want them to be able to manually alter their own hashes.

Follow-Ups:
- Re: smbk5pwd: ldap_pvt_thread_pool_getkey fails, etc...
  - From: Howard Chu <hyc@symas.com>
- Re: smbk5pwd: ldap_pvt_thread_pool_getkey fails, etc...
  - From: Howard Chu <hyc@symas.com>

References:
- smbk5pwd: ldap_pvt_thread_pool_getkey fails, etc...
  - From: bsdaemon@comcast.net
- Re: smbk5pwd: ldap_pvt_thread_pool_getkey fails, etc...
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: slapd/bdb stability problem
Next by Date: Re: smbk5pwd: ldap_pvt_thread_pool_getkey fails, etc...
Index(es):
- Chronological
- Thread