[Date Prev][Date Next]
RE: configure OpenLDAP to allow directory users - change pass
<quote who="Anne Moore">
> Haha, yah perhaps so! However, that didn't work either. Now I just get
> another set of errors:
> "Result: Strong(er) authentication required (8)
> Additional info: only authenticated users may change passwords"
> This is a major pain in the butt...
> I just wish there was documentation on there on the basics of this setup,
> but so far, I've found nothing...
Did you bind as the user you were changing the password for? with -x -D -W ?
> Thanks anyway
> -----Original Message-----
> From: Gavin Henry [mailto:firstname.lastname@example.org]
> Sent: Friday, September 14, 2007 11:20 AM
> To: Anne Moore
> Cc: email@example.com
> Subject: RE: configure OpenLDAP to allow directory users - change pass
> <quote who="Anne Moore">
>> We've tried the ldappasswd on the clients and receive this error:
> ldappasswd -x
> You're going to have to try a bit harder ;-)
>> "ldap_sasl_interactive_bind_s: Internal (implementation specific)
>> additional info: SASL(-13): user not found: no secret in database"
>> Obviously something is not configure correctly.
>> Any ideas on this error?
>> Thank you
>> -----Original Message-----
>> From: openldap-software-bounces+diabeticithink=yahoo.com@OpenLDAP.org
>> Behalf Of Kurt Zeilenga
>> Sent: Friday, September 14, 2007 2:20 AM
>> To: Anne Moore
>> Cc: firstname.lastname@example.org
>> Subject: Re: configure OpenLDAP to allow directory users - change pass
>> On Sep 13, 2007, at 3:12 PM, Anne Moore wrote:
>>> Hi All
>>> Does anyone know how to configure OpenLDAP to allow directory users
>>> to change their own passwords?
>>> I've using Openldap-2.2.13-7.4E (on my RedHat server)
>>> As it is now, I have to change everyone's directory password for them
>>> and the security department isn't liking it.
>> What do ldappasswd(1) and/or ldapmodify(1) say when changing the
>> directory user's password when run as the user (instead of you or the
>> Directory Manager)?
>> Note: If the users are using some other software, you might have a
>> problem with that software. But before raising an issue (on a list
>> about the other software, not here) you should make sure things work
>> using only OpenLDAP Software. So, even if your users aren't using
>> these tools, you should test with them (as a user) before doing
>> anything else.
>> -- Kurt