2007/9/25, Steve Rigler <srigler@xxxxxxxxxxxxxxx>: > On Tue, 2007-09-25 at 12:08 -0400, Victor Hugo dos Santos wrote: > > 2007/9/25, Steve Rigler <srigler@xxxxxxxxxxxxxxx>: > > > On Tue, 2007-09-25 at 09:55 -0400, Victor Hugo dos Santos wrote: > > > > [...] > > > > > Your accounts need to have the "shadowAccount" objectclass and > > > "shadowLastChange" needs to be writable by ldap://self or by the dn that > > > changes their password on their behalf (if you use "rootbinddn" in your > > > pam ldap.conf). > > > > mmm... in test don't work.. > > > > debian2:/etc/ssl/certs# getent shadow | grep camador > > camador:*:13524::99999:7:::0 > > > > debian2:/etc/ssl/certs# passwd camador > > Enter login(LDAP) password: > > New UNIX password: > > Retype new UNIX password: > > LDAP password information changed for camador > > passwd: password updated successfully > > > > debian2:/etc/ssl/certs# getent shadow | grep camador > > camador:*:13524::99999:7:::0 > > > > how you can look.. the shadow info is the same, before y after the > > change of password. > > > > any other idea ?? > > > > thanks > > > > Did you add an aci to allow write access to "shadowLastChange"? ups... sorry. now work fine !!! any other recommendation for work with posixaccount and FDS and security ?? very, very thanks -- -- Victor Hugo dos Santos Linux Counter #224399 -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
