[Samba] AD DC LDAP support for the 'password change' extended operation

Andrew Bartlett abartlet at samba.org
Wed Feb 6 14:25:52 MST 2013


On Mon, 2013-02-04 at 10:31 +0100, Luis Angel Fernandez Fernandez wrote:
>   Hi!
> 
>   I'm trying to use the internal LDAP provided by Samba4 to store mail
> domains used by SOGo. I have two sets of users. Those used by Samba and
> created through samba-tool and those created under some "ou" I have made
> up. A few days ago I was able to change the latter users passwords using
> "ldapadmin" (a windows LDAP client) but today I am not. When I try to
> change a password I get an error message like "RPC server unavailable".
> 
>   And I have another problem with LDAP. I have to use ldapadmin to change
> users' password because ldappasswd gives me this error:
> 
> ldappasswd -d4 -h 192.168.0.137 "cn=juan.lapuerta,ou=alisys.net
> ,dc=aliratiun,dc=tic"
> ldap_build_search_req ATTRS: supportedSASLMechanisms
> SASL/GSSAPI authentication started
> SASL username: Administrator at ALIRATIUN.TIC
> SASL SSF: 56
> SASL data security layer installed.
> Result: Protocol error (2)
> Additional info: Extended Operation(1.3.6.1.4.1.4203.1.11.1) not supported
> 
>   But I think I read somewhere that that extended operation is supported.

I can help on this part of the question:  No, the extended operation is
not supported - it remains a wishlist item that one of our developers
was working on at some point, but has not progressed beyond that.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org




More information about the samba mailing list