Em Ter?a 07 Junho 2005 21:58, S?valdur Gunnarsson escreveu:
> I posted the following on the samba-users mailing list:
> --
>
> I'm switching from OpenLDAP to the newly released Fedora Directory
> Server (formely known as the Netscape Directory Server) as a LDAP
> backend for my Samba domain.
>
> I'm now faced with a problem regarding how Fedora DS handles the
> userPassword field.
> Unlike OpenLDAP it encodes it in base64 so instead of reading
> userPassword: {SSHA}8FZY4LdYi1f1oA5YgDw/+h/Rmy0mEeyO
> it reads:
> userPassword:: e1NTSEF9OEZaWTRMZFlpMWYxb0E1WWdEdy8raC9SbXkwbUVleU8=
That shouldn't pose a problem by itself. Note the double colons (::),
indicating that this is base64.
> [2005/06/07 19:27:45, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1731)
> ldapsam_update_sam_account: failed to modify user with uid = gg,
> error: Current passwd must be supplied by the user.
> (Success)
Samba binds to the DS as the admin server and then just attempts to overwrite
the userPassword attribute (I assume you have ldap sync turned on). It seems
DS doesn't like it: it requires the current password first. Perhaps there is
some configuration change that can help.
