[Samba] ldap_modify_s Insufficient access
Thorsten D. Marsen
t.d.marsen at web.de
Tue Jan 28 23:59:23 GMT 2003
Hi, we are running Samba 2.2.5 using LDAP und pam_ldap (pam_unix2 with
auth+account+password=use_ldap) as PDC out of the SuSE 8.1 distribution. It
runs very well: Login für Unix&Samba ok, Passwort-Change for Samba via
smbpasswd Ok and we are able to manipulate the Linux Password in LDAP using
the GQ Client. The only thing that doesn't work is "passwd" itself:
venezuela:/home/tdm # passwd guest
Changing password for guest.
Enter login(LDAP) password:
New password:
Bad password: a palindrome
Re-enter new password:
LDAP password information update failed: Unknown error
Password changed
venezuela:/home/tdm #
and in /var/log/messages:
Jan 28 13:39:47 venezuela passwd[28505]: pam_ldap: ldap_modify_s
Insufficient access
Can you please help, because this is a very important issue for us! Thanks
in advance,
Thorsten.
Some conf-staff:
/etc/openldap/ldap.conf
host 192.168.1.1
base dc=tdm-consult, dc=com
ssl no
# für nss_ldap
crypt des
# für pam_ldap
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_crypt local
pam_password crypt
ldap_version 3
/etc/openldap/slap.conf
suffix "dc=tdm-consult,dc=com"
rootdn "cn=tdm,dc=tdm-consult,dc=com"
rootpw {crypt}...
/etc/pam.d/passwd
auth required pam_unix2.so nullok
account required pam_unix2.so
password required pam_pwcheck.so nullok
password required pam_unix2.so nullok use_first_pass use_authtok
session required pam_unix2.so
/etc/security/pam_unix2
auth: use_ldap nullok
account: use_ldap
password: use_ldap nullok
session: none
More information about the samba
mailing list