>> I'm switching from OpenLDAP to the newly released Fedora Directory >> Server (formely known as the Netscape Directory Server) as a LDAP >> backend for my Samba domain. >> >> I'm now faced with a problem regarding how Fedora DS handles the >> userPassword field. >> Unlike OpenLDAP it encodes it in base64 so instead of reading >> userPassword: {SSHA}0lP+r3Z1NVan7Caf4CG9oSgnTbQRrv/p >> it reads: >> userPassword:: e1NTSEF9MGxQK3IzWjFOVmFuN0NhZjRDRzlvU2duVGJRUnJ2L3A=
As it turnes out that was not the problem. The problem was that no one can change the password of a user (not ever the Directory superuser) without passing the current password as well. kung.foo.is ~$ ldappasswd -x -ZZ -D "cn=Directory Manager" -W uid=gg,ou=People,dc=kung,dc=foo -s newpass Enter LDAP Password: Result: Unknown error (89) Additional info: Current passwd must be supplied by the user. >> However, if I use the smbldap-passwd utility everything works like a >> charm. >> Both the SambaLMPassword/SambaNTPassword and userPassword entries are >> changed. This puzzles me a bit though. Can I somehow make Samba envoke the smbldap-passwd utility when users try to change their password from Windows ? -- Sævaldur Gunnarsson /> RHCE -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba