2014-10-13 10:46 GMT+02:00 Neil <[email protected]>: > Thanks Clement, > > I tried the rpm on el6 and it works as well and I think I've sorted > out my LDAP settings as I now get... > > [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] PHP Warning: > ldap_get_values(): Cannot get the value(s) of attribute Decoding error > in /usr/share/self-service-password/pages/change.php on line 121, > referer: http://127.0.0.1:800/ > [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] PHP Warning: > preg_match_all(): Compilation failed: missing terminating ] for > character class at offset 2 in > /usr/share/self-service-password/lib/functions.inc.php on line 171, > referer: http://127.0.0.1:800/ > [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] Cannot modify > AD password as user, referer: http://127.0.0.1:800/ > [Mon Oct 13 10:37:54 2014] [error] [client 160.128.20.4] PHP Notice: > Undefined index: changehelpextramessage in > /usr/share/self-service-password/pages/change.php on line 184, > referer: http://127.0.0.1:800/ > > Then if I try changing to manager as to who sets the password I get > the following... > > [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Warning: > ldap_get_values(): Cannot get the value(s) of attribute Decoding error > in /usr/share/self-service-password/pages/change.php on line 121, > referer: http://127.0.0.1:800/ > [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Warning: > preg_match_all(): Compilation failed: missing terminating ] for > character class at offset 2 in > /usr/share/self-service-password/lib/functions.inc.php on line 171, > referer: http://127.0.0.1:800/ > [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Warning: > ldap_mod_replace(): Modify: Constraint violation in > /usr/share/self-service-password/lib/functions.inc.php on line 275, > referer: http://127.0.0.1:800/ > [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] LDAP - Modify > password error 19 (Constraint violation), referer: > http://127.0.0.1:800/ > [Mon Oct 13 10:41:11 2014] [error] [client 160.128.20.4] PHP Notice: > Undefined index: changehelpextramessage in > /usr/share/self-service-password/pages/change.php on line 184, > referer: http://127.0.0.1:800/ > > > ...which as I see on the url you gave me says that AD won't allow me > to reset the password as the user unless I use SSL, which I > unfortunately can't do because I'm using Samba4 for my AD and I can't > control the SSL certificates. Unless I've misunderstood this > completely. > >
I never tested Samba4, but with AD, it indeed requires SSL to modify the password. The constraint violation error can also mean that the password quality is to low. Have you tried a complex password? If this does not solve your problem, you may need to configure SSL on Samba4 LDAP. > Do you know if there is a way around this, below are my current config > options... > > $ldap_url = "ldap://192.168.0.8";; > $ldap_binddn = "[email protected]"; > $ldap_bindpw = "mypass"; > $ldap_base = "dc=mydomain,dc=local"; > $ldap_login_attribute = "sAMAccountName"; > #$ldap_login_attribute = "uid"; > $ldap_fullname_attribute = "cn"; > $ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))"; > > $ad_mode = true; > #$who_change_password = "user"; > $who_change_password = "manager"; > > Not sure if there's actually a way around ? > > Configuration seems ok to me. Clément.
_______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
