[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Manage own LDAP Address book entry
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Since some of the questions aren't answered by the admin quide, some
quickies ...
Tony Earnshaw wrote:
| tir, 22.06.2004 kl. 12.16 skrev Mario Ohnewald:
|
|
|>Since i got OpenLDAP running now, i would like to know how i can give each
|>user access to change it's OWN profile/address book entry.
|>The user should log into ldap with his email address and a password.
|>The question: Where do i set it's password?
You can use ldappasswd, binding as rootdn (or another dn that has write
access to the dn's userpassword attribute).
|>I guess i could make a atribute "password" but what about the
|>samba/unix/email login password? They should all be the same, and i don't
|>want to make multiple password atributes in my object units.
|>( i hope i uses atribute and object units right here)
You have to use multiple attributes to sensibly support samba (since
samba uses encryption methods openldap does not support). The
userpassword can be used by pam_ldap (since it just binds - does the
equivalent of ldapwhoami ...). But, pam_ldap is off-topic for this list.
These documents may help you understand it more:
http://www.mandrakesecure.net/en/docs/samba-pdc.php
http://www.mandrakesecure.net/en/docs/samba-ldap-advanced.php
Of course, you will need an ACL to allow users to change the relevant
attributes.
Regards,
Buchan
- --
Buchan Milne Senior Support Technician
Obsidian Systems http://www.obsidian.co.za
B.Eng RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFA2Eu9rJK6UGDSBKcRAlCfAJ0YoGBN3ppOM56wUI2D+Ev+bLvgrACfQG5q
LvIxwT0c9lb1CdG1JoIsoRo=
=oouk
-----END PGP SIGNATURE-----