[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Implementing PPolicy



Well I'm not sure what I did really. I uninstalled libpam-ldap and reinstalled libpam-ldapd on my client machine, I then made sure I had the following in the /etc/nslcd.conf file:

============================================
# The DN used for password modifications by root.
rootpwmoddn cn=admin,dc=harmonywave,dc=com
============================================

and now it's allowing me to login and change my password. Maybe I didn't have this configured correctly when I first installed libpam-ldapd. I also tried changing my password again, which shouldn't be allowed (pwdMinAge: 86400 - 1 day) and it did give me an error:

password change failed: Constraint violation
passwd: Authentication token manipulation error

I'm assuming this is because of the ppolicy overlay. I have to run off to work so I won't be able to do my own searching on whether this is correct or not until tonight, however, I just thought I'd ask if it is possible to display a more user friendly error message, such as: attempt to change password too frequently....

Thanks,
Josh

On 01/23/2014 12:53 AM, Dieter KlÃnter wrote:
slap_access_allowed: auth access granted by auth(=xd)