This is a shot in the dark,
but have you tried specifying:
pam_password exop
..in /etc/ldap.conf?

I suggest this because you mention ldappasswd seems to do the job, and ldappasswd uses the password change extended operation to do its work.


Philip Kime wrote:
Any pointers welcome. This is on RHEL4 and FDS 1.0.2. pam_ldap moans about referrals when the first LDAP server in ldap.conf is a consumer-only. No problem if it's talking to a read-write master. # passwd test
Changing password for user test.
Enter login(LDAP) password:
New UNIX password:
Retype new UNIX password:
LDAP password information update failed: Referral
I tried nss_ldap-226 and nss-ldap-253 which comes with an updated pam_ldap. I have referrals yes in ldap.conf I can do a manual ldappasswd update to the consumer and it works, presumably referring to a writable master ok (thought I can't see anything about referrals in the ldappasswd debugging output, nor nothing in the master logs). PK

--
Philip Kime
NOPS Systems Architect
310 401 0407
------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users

Reply via email to