Samba4: Changing a user's passwd via LDAP
Michael Wood
esiotrot at gmail.com
Fri Aug 20 05:57:27 MDT 2010
Hi
I need to provide a web-based interface for users to change their
passwords in Samba4. Is LDAP the best option?
Should the following work?
http://support.microsoft.com/kb/269190
I tried using ldapmodify with the following ldif:
dn: CN=user,CN=Users,DC=my,DC=realm
changetype: modify
add: unicodePwd
unicodePwd: "NewPassword"
-
delete: unicodePwd
unicodePwd: "OldPassword"
-
Whether I use simple authentication with "ldapmodify -x -D
CN=user,CN=Users,DC=my,DC=realm -W ..." or first run "kinit user" and
then use "ldapmodify -Y gssapi ..." I get the following error:
modifying entry "CN=user,CN=Users,DC=my,DC=realm"
ldap_modify: Insufficient access (50)
additional info: 00002098: insufficient access rights - error in
module acl: insufficient access rights (50)
but perhaps that's not equivalent to the code in the KB article?
I would appreciate any suggestions for how to do this, preferably from
Python, or if LDAP is not the best way, then I would appreciate it if
you could let me know what the best way is.
I also tried "net password change", but was having trouble getting that to work.
I'm currently running "Version 4.0.0alpha12-GIT-6d97360" but I might
upgrade/reprovision soon.
Thanks in advance.
--
Michael Wood <esiotrot at gmail.com>
More information about the samba-technical
mailing list