Re: PAM + LDAP passwd changes

On 6 Nov 2002, Fathi Ben Nasr wrote:

> > Hi,
> > I want to know the answer too. Have you gotten any idea?
> >
> > Thanks
> >
> > Min
>
> ldappasswd -x -D cn=manager,o=SNCFT,c=TN -w yourmanagerpassword \
>   uid=$login,ou=People,o=SNCFT,c=TN -s $password
>
> Chen Min wrote:

There's a more elegant way:

The /etc/pam.d/passwd file is fine; the problem is with the ACL
restrictions on the LDAP server.  To change a user's password on the
LDAP server, you either need to bind to the server as the user or the
LDAP admin.  By default, it will prompt you for the user's password so
it can bind as that user.

To bind as the admin, you need to edit the /etc/pam_ldap.conf file
(this is what the file is called in Debian Linux; it might be
/etc/ldap.conf in other distributions).  Add a line:

rootbinddn cn=admin,dc=example,dc=com


... except change it to reflect the admin for your LDAP server.

Then create a file /etc/ldap.secret, with only the admin password in it.
Be sure to change this file to mode 600 so other users on the system
can't get the LDAP admin's password.

When you try to change a password, it will just prompt you for the new
password.

Hope this helps!

Dan



_______________________________________________

Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list
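
A check for the setup described in the message above, as an added example that is not part of the original post: it confirms that a rootbinddn line is present and that the secret file is mode 600 and holds only one line. The function names and return codes are assumptions made for this example; the config and secret paths are passed as arguments.

```shell
#!/bin/sh
# Added example: audit the rootbinddn / secret-file setup from the post.
# Usage (as root, so the secret is readable):
#   sh audit.sh /etc/pam_ldap.conf /etc/ldap.secret

# Octal permission bits of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_rootbind CONF SECRET
# Returns: 0 ok, 1 no rootbinddn in CONF, 2 SECRET missing or empty,
#          3 SECRET accessible to group/other, 4 SECRET is not a single line.
audit_rootbind() {
    conf=$1
    secret=$2

    # First active "rootbinddn <DN>" line; commented lines start with "#".
    dn=$(awk '$1 == "rootbinddn" && NF >= 2 {
                  sub(/^[ \t]*rootbinddn[ \t]+/, ""); print; exit }' "$conf")
    if [ -z "$dn" ]; then
        echo "no rootbinddn in $conf: password changes bind as the user"
        return 1
    fi
    echo "rootbinddn: $dn"

    if [ ! -s "$secret" ]; then
        echo "$secret is missing or empty"
        return 2
    fi

    # Nothing may be granted to group or other (600 as in the post; 400 passes too).
    mode=$(file_mode "$secret")
    case $mode in
        ?00) ;;
        *) echo "$secret has mode $mode, expected 600"; return 3 ;;
    esac

    # The file should hold only the password: one line. The content is never printed.
    lines=$(awk 'END { print NR }' "$secret" 2>/dev/null)
    if [ "${lines:-0}" != 1 ]; then
        echo "$secret has ${lines:-0} readable lines, expected exactly one"
        return 4
    fi
    echo "$secret: mode $mode, single line"
    return 0
}

if [ "$#" -eq 2 ]; then
    audit_rootbind "$1" "$2"
fi
```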
