Password change and LDAP
Andrew Bartlett
abartlet at samba.org
Tue Apr 6 09:06:50 GMT 2004
On Tue, Apr 06, 2004 at 10:49:45AM +0200, Pierre Filippone wrote:
> Hi,
>
> we use LDAP as passdb backend in the classic way: PDC using the LDAP
> master, BDC using the LDAP slave.
>
> We now face the problem, that after a password change the user gets an
> "invalid credentials" message which is caused
> by the replication delay. I think this is a known issue.
>
> I've read in the archive, that it might be possible to insert a small
> delay somewhere in the code, i.e. 1 or 2 seconds, after user
> password change to avoid this error message. I know this should not be the
> final solution, but has anybody already implemented this ?
Have you looked at 'ldap replicaiton sleep' 3.0.2a
> I looked into the code, but can't find the right place to insert the
> delay.
>
Yes. Just add it after the pdb_update_* call in chgpasswd.c
Andrew Bartlett
More information about the samba-technical
mailing list