Hi, we are running Samba 2.2.5 using LDAP und
pam_ldap (pam_unix2 with auh+account+password=use_ldap) as PDC out of the SuSE
8.1 distribution. It runs very well: Login für Unix&Samba ok,
Passwort-Change for Samba via smbpasswd Ok and we are able to manipulate the
Linux Password in LDAP using the GQ Client. The only thing that doesn't work is
passwd itself:
venezuela:/home/tdm # passwd guest
Changing password for guest. Enter login(LDAP) password: New password: Bad password: a palindrome Re-enter new password: LDAP password information update failed: Unknown error Password changed
venezuela:/home/tdm # and in /var/log/messages:
Jan 28 13:39:47 venezuela passwd[28505]: pam_ldap:
ldap_modify_s Insufficient access
Thanks in advance,
Thorsten. Some conf-staff:
/etc/openldap/ldap.conf
host
192.168.1.1
base dc=tdm-consult, dc=com ssl no # für nss_ldap
crypt des # für
pam_ldap
pam_filter objectclass=posixAccount pam_login_attribute uid pam_crypt local pam_password crypt ldap_version 3
/etc/openldap/slap.conf
suffix
"dc=tdm-consult,dc=com"
rootdn "cn=tdm,dc=tdm-consult,dc=com" rootpw {crypt}... /etc/pam.d/passwd
auth required
pam_unix2.so nullok
account required pam_unix2.so password required pam_pwcheck.so nullok password required pam_unix2.so nullok use_first_pass use_authtok session required pam_unix2.so /etc/security/pam_unix2
auth: use_ldap
nullok
account: use_ldap password: use_ldap nullok session: none |
- ldap_modify_s Insufficient access Thorsten D. Marsen
- ldap_modify_s Insufficient access Thorsten D. Marsen
- Re: [Samba] ldap_modify_s Insufficient access Leonardo Fogel