
root cannot change user password with command "passwd", sssd, pam, openldap

Hi list,
I'm using CentOS 6.4, and moved user management to OpenLDAP. While
it works fine for a user - the user can log in, do `passwd` to change his
password, etc. - it fails for root to change users' passwords. Root
has to use ldapmodify. Is it normal behavior, or do I have some
configuration errors?

For now, LDAP ACL was "turned off" - every user has manage permission.
I know it's a security issue, but I wanted to remove potential
interference. I will change this as soon as root can change users
SELinux was also turned off to eliminate its potential interference.
Iptables was "turned off", as well, though I think it doesn't matter
as long as port 389 is open.

My configs, logs, etc are in here: http://fpaste.org/26708/
Thanks in advance,