*Hi *
*I am using NSLCD, does your suggestion still work ? I am not using TLS on
the ldap server*
*Regards*
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
, Ali Jawad ali.ja...@splendor.net wrote:
Hi Arpit
Actually I was attempting to change the password using command line
passwd
I.e. each user changes his own password, is passwd the right choice here
?
Yes, passwd is right choice, considering you have pam_ldap.so properly
configured
, Grzegorz Dwornicki gd1...@gmail.comwrote:
What about NSS configuration? Maybe there is configuration making ssl
mandatory?
Greg
13 lis 2012 12:51, Ali Jawad ali.ja...@splendor.net napisał(a):
Hi All
I am trying to change the password using passwd, please see the below :
[xyz@server
:
Sorry my bad i thinking about ldap.conf but said nss...
Does ldap.conf contains only these lines? Why you use pam_password clear
and then exop? try crypt.
Greg.
13 lis 2012 13:18, Ali Jawad ali.ja...@splendor.net napisał(a):
Hi
nsswitch.conf contains the following relevant lines, the rest
to force all the users to
change their passwords - otherwise their crypt passwords will still be
present.
On 11/12/2012 01:52 PM, Ali Jawad wrote:
Hi All
This is an all Linux environment with 389 being used as the sole
authentication mechanism, I do believe I am using crypt, I am out of office
. It should work.
On 11/12/2012 02:03 PM, Ali Jawad wrote:
In that case I have a major overhaul that I need to complete, change
password is not working for me, my assumption is that it only works with
TLS enabled between the client and the server, I have tried to get TLS to
run a few times but could
.
On 11/12/2012 01:52 PM, Ali Jawad wrote:
Hi All
This is an all Linux environment with 389 being used as the sole
authentication mechanism, I do believe I am using crypt, I am out of
office
right now, what should I use instead of crypt to match more characters ?
Regards
Hi
I just noticed that you can use the password+ANYLetters and it will work,
I.e. if the password is xyz xyz99 or xyzABC will work as well, is this a
misconfiguration on my part or a bug ?
Regards
*
*
--
389 users mailing list
389-us...@lists.fedoraproject.org
Hi
I have been running 389 dir server for around 8 months now, recently
whenever I restart or setup a new machine and connect it to the 389 server
using the same settings as the other servers it will freeze during startup
at INIT, I am using an IP in my config files.
Once I remove ldap from
On further checking the attribute passwordMustChange does not exist in my
users I did check using command line and I even tried to set it using
command line, it says Object Not found
On Thu, May 10, 2012 at 2:55 PM, Ali Jawad ali.ja...@splendor.net wrote:
I did check using debug log
Hi
Thanks for the info, server is in debug mode but no errors show.
Regards
On Thu, May 10, 2012 at 10:28 PM, Arpit Tolani arpittol...@gmail.comwrote:
Hie
On Thu, May 10, 2012 at 6:01 PM, Ali Jawad ali.ja...@splendor.net wrote:
On further checking the attribute passwordMustChange does
Hi
I know this is not a strictly 389 DS related question. I did
set idle_timelimit 60 in my /etc/ldap.conf client file but connections
stay running and do not time out. Is there any setting I need to add on the
server side ?
My Full Ldap file at /etc/ldap.conf
bind_policy soft
URI
The default is 2 hours. Set it to slightly more than the idle time limit
on your clients.
On May 9, 2012 4:05 AM, Ali Jawad ali.ja...@splendor.net wrote:
Hi
I know this is not a strictly 389 DS related question. I did
set idle_timelimit 60 in my /etc/ldap.conf client file but connections
stay
Hi Rich
Your help is highly appreciated, I got it working, thanks for your patience.
Regards
On Wed, May 9, 2012 at 5:19 PM, Rich Megginson rmegg...@redhat.com wrote:
On 05/09/2012 08:17 AM, Ali Jawad wrote:
Hi
Thanks Rich, just what I was searching for, I am facing a problem though
Hi
Any help please ?
Thanks !
On Tue, May 8, 2012 at 5:27 PM, Ali Jawad ali.ja...@splendor.net wrote:
Hi Mark
With I do logon to the GUI and I logon as the directory manager, and I do
set the password for an existing user, and I try to create a new user with
a new password. But the user does
for whitespaces, extra lines..but still same issue
I did also check for lastLoginTime values in the users in the interface,
but the value is empty..so not sure if this is the problem at all
Regards
On Wed, May 9, 2012 at 5:26 PM, Ali Jawad ali.ja...@splendor.net wrote:
Hi Rich
Your help
\nchangetype:
delete\ndelete: lastLoginTime\n\n | ldapmodify -x -h yourhost
-Dcn=directory manager -wPaSsWoRd
Jim
On Wed, May 9, 2012 at 11:09 AM, Rich Megginson rmegg...@redhat.comwrote:
On 05/09/2012 10:09 AM, Ali Jawad wrote:
Hi Rich
Seems I still got a problem, the users can't logon
Hi
I have a requirement to disable inactive users after 90 days. I did read
http://directory.fedoraproject.org/wiki/Account_Policy_Design but I am not
sure whether this is a design proposal or the actual implementation.
My DS version is :
rpm -qa | grep 389
389-admin-console-1.1.8-1.el5
)
matched DN: dc=domain,dc=local
On Wed, May 9, 2012 at 4:47 PM, Rich Megginson rmegg...@redhat.com wrote:
On 05/09/2012 07:45 AM, Ali Jawad wrote:
Hi
I have a requirement to disable inactive users after 90 days. I did read
http://directory.fedoraproject.org/wiki/Account_Policy_Design
not be able to do anything but change their password.
Mark
On 05/08/2012 07:26 AM, Ali Jawad wrote:
Hi
I did check the box that says User Must Change Password After Reset in
Data under configuration I also did set the same policy for specific users.
However, I am not being asked to change
at 08:09:04 -0600, Ali Jawad wrote:
Hi
I did install 389 and LDAP authentication, what i need to do now is
allow
access to users only to certain systems, I did checkout :
http://directory.fedoraproject.org/wiki/Howto:Posix#How_to_set_up_host_based_access_control
I tried
Hi
I did install 389 and LDAP authentication, what i need to do now is allow
access to users only to certain systems, I did checkout :
http://directory.fedoraproject.org/wiki/Howto:Posix#How_to_set_up_host_based_access_control
I tried the old method because I could not figure out the new method,
22 matches
Mail list logo