On Mon, Aug 27, 2007 at 05:51:20PM +0200, Pierangelo Masarati wrote: > I don't think it's possible (please correct me). A solution I see is to > delegate password changes to an applicative agent (like pam_ldap, I > think) configured to use passwd exop under an identity that has write > permissions on the userPassword attribute of the users.
Of course, that an ideal situation, but I'm looking for a ban on direct userPassword change because I have not found how to get the client doing the right thing (it's MacOS X's OpenDirectory) -- Emmanuel Dreyfus [EMAIL PROTECTED]
