[Samba] AD DC LDAP support for the 'password change' extended operation
Andrew Bartlett
abartlet at samba.org
Wed Feb 6 14:25:52 MST 2013
On Mon, 2013-02-04 at 10:31 +0100, Luis Angel Fernandez Fernandez wrote:
> Hi!
>
> I'm trying to use the internal LDAP provided by Samba4 to store mail
> domains used by SOGo. I have two sets of users. Those used by Samba and
> created through samba-tool and those created under some "ou" I have made
> up. A few days ago I was able to change the latter users passwords using
> "ldapadmin" (a windows LDAP client) but today I am not. When I try to
> change a password I get an error message like "RPC server unavailable".
>
> And I have another problem with LDAP. I have to use ldapadmin to change
> users' password because ldappasswd gives me this error:
>
> ldappasswd -d4 -h 192.168.0.137 "cn=juan.lapuerta,ou=alisys.net
> ,dc=aliratiun,dc=tic"
> ldap_build_search_req ATTRS: supportedSASLMechanisms
> SASL/GSSAPI authentication started
> SASL username: Administrator at ALIRATIUN.TIC
> SASL SSF: 56
> SASL data security layer installed.
> Result: Protocol error (2)
> Additional info: Extended Operation(1.3.6.1.4.1.4203.1.11.1) not supported
>
> But I think I read somewhere that that extended operation is supported.
I can help on this part of the question: No, the extended operation is
not supported - it remains a wishlist item that one of our developers
was working on at some point, but has not progressed beyond that.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list