Gentoo Forums
LDAP password information update failed: Unknown error
Microft
n00b


Joined: 27 Oct 2002
Posts: 40
Location: Arnsberg, Germany

Posted: Tue Dec 03, 2002 5:48 pm    Post subject: LDAP password information update failed: Unknown error

Hi!

I tried to use LDAP as a NIS replacement. I now have no problems logging in as my LDAP test user on every local system.

But it's not possible to change the password of the LDAP-user. I get the following error:

Quote:

frank@daan:~ >passwd
Enter login(LDAP) password:
New password:
Re-enter new password:
LDAP password information update failed: Unknown error

passwd: Permission denied



And here are my conf files:

LDAP.CONF
Code:

ldap_version 3
host theta.kappatheta.de
base dc=kappatheta,dc=de
ssl start_tls
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid


SLAPD.CONF
Code:

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/misc.schema

password-hash {SSHA}

pidfile         /var/state/openldap/slapd.pid
argsfile        /var/state/openldap/slapd.args

database        ldbm
suffix          "dc=kappatheta, dc=de"
rootdn          "cn=Admin, dc=kappatheta, dc=de"
rootpw          {SSHA}betRgBx6RGF9V+hPMEYZUvbVM06m8joh
directory       /var/state/openldap/openldap-ldbm
index   objectClass     eq

TLSCertificateFile /etc/openldap/keys/ldap.cert
TLSCertificateKeyFile /etc/openldap/keys/ldap.key
TLSCACertificateFile /etc/openldap/keys/ca.cert

access to *
        by * read

access to attr=userPassword
        by self write
        by anonymous auth
        by * none



PAM.D/PASSWD
Code:

auth       sufficient   /lib/security/pam_ldap.so
auth       required     /lib/security/pam_unix_auth.so use_first_pass
account    sufficient   /lib/security/pam_ldap.so
account    required     /lib/security/pam_unix_acct.so
password   sufficient   /lib/security/pam_ldap.so
password   required     /lib/security/pam_pwdb.so try_first_pass



Any help is welcome ;)


Tim
Microft
n00b


Joined: 27 Oct 2002
Posts: 40
Location: Arnsberg, Germany

Posted: Wed Dec 04, 2002 6:36 am

I found the failure. I just had to make a small but important change to the access rules in slapd.conf.

Code:

access to * attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=Admin,dc=kappatheta,dc=de" write
        by * none

access to *
        by self write
        by * read
        by dn="cn=Admin,dc=kappatheta,dc=de" write
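
Why the reordering matters, as an added example that is not part of the original posts: slapd uses the first "access to" directive whose target covers the attribute and, within it, the first matching "by" clause, so the original catch-all "access to *" answered every userPassword request with "read" (too little for passwd to write, yet enough for anonymous clients to read the hash). The Python model below handles only the "*", "attr=", "self", "anonymous" and "dn=" forms used in this thread, ignores the rootdn (which slapd exempts from access rules), and uses a constructed DN for the test user.

```python
# Access rules copied from the two posts: ORIGINAL failed, FIXED worked.
ORIGINAL = """
access to *
        by * read
access to attr=userPassword
        by self write
        by anonymous auth
        by * none
"""
FIXED = """
access to * attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=Admin,dc=kappatheta,dc=de" write
        by * none
access to *
        by self write
        by * read
        by dn="cn=Admin,dc=kappatheta,dc=de" write
"""

def parse(conf):
    """Return [(attr or None, [(who, level), ...]), ...] in file order."""
    rules = []
    for words in (line.split() for line in conf.splitlines()):
        if words[:2] == ["access", "to"]:
            attr = [w.split("=", 1)[1].lower() for w in words if w.startswith("attr")]
            rules.append((attr[0] if attr else None, []))
        elif words[:1] == ["by"] and rules:
            rules[-1][1].append((words[1], words[2]))
    return rules

def granted(conf, attr, requester, target):
    """Access level for requester (a DN, or None if anonymous) on target's attr."""
    for what, clauses in parse(conf):
        if what in (None, attr.lower()):      # first <what> covering attr is used
            for who, level in clauses:        # within it, first <who> match wins
                if (who == "*" or (who == "self" and requester == target)
                        or (who == "anonymous" and requester is None)
                        or who.lower() == f'dn="{requester}"'.lower()):
                    return level
            return "none"                     # implicit trailing "by * none"
    return "none"                             # no access directive matched

if __name__ == "__main__":
    user = "uid=frank,dc=kappatheta,dc=de"    # constructed DN for the test user
    for name, conf in (("original", ORIGINAL), ("fixed", FIXED)):
        print(name, "self:", granted(conf, "userPassword", user, user),
              "anonymous:", granted(conf, "userPassword", None, user))
```

The same first-match rule means the final "by dn=... write" clause under "access to *" in the working configuration is never reached, because "by * read" precedes it.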
All times are GMT