On Thu, 2003-04-03 at 19:09, John Stucki wrote:
> I've been trying to get eDirectory 8.7 & pam_ldap to work for a while.
> I am able to authenticate, but I still have to have entries in
> /etc/passwd file for my users, did you get it to work without having to
> put user entries in the /etc/passwd file?
Yes. Check your nsswitch.conf, ldap.conf, and pam.d/whatever. There are
LDAP Howtos on the net, that explain all those things.
> Stefan Voelkel wrote:
> > Hello,
> >
> > I am using eDirectory 8.7 and pam_ldap successfully to authenticate
> > users.
> >
> > But as root I can not change user passwords (whereas user I can change
> > my own password):
It seems that pam_password nds in ldap.conf causes the trouble, at least
with the pam version redhat 7.3 ships.
eDirectory does have a userPassword attribute, but does not export it.
In pam_ldap.c around line 2377 it is tried to delete the attribute and
then reset it. The deletion failes. We are looking into a pam_password
edir patch and checking if pam_password clear works.
regards
Stefan
--
--------------------------------------------------------------------
Stefan Völkel stefan.voelkel@xxxxxxxxxxxx
Millenux GmbH mobile: +49.170.79177.17
Lilienthalstraße 2 phone: +49.711.88770.300
70825 Stuttgart-Korntal fax: +49.711.88770.349
-= linux without limits -=- http://linux.zSeries.org/ =-
Attachment:
signature.asc
Description: This is a digitally signed message part
