[Samba] Allow self password change using LDAP(s) with Samba4
Juan Asensio Sánchez
okelet at gmail.com
Wed Dec 30 14:59:09 UTC 2015
Hi all
I am trying to create a webapp to allow users to change their own passwords
in Samba4 (perhaps, also in AD), using LDAP(s). But when I try to modify
the user password using this code:
dn: ........
changetype: modify
replace: unicodePwd
unicodePwd: "Temporal2"
I get this error:
0x32 (Insufficient access; error in module acl: insufficient access rights
during LDB_MODIFY (50))
If I change the code, deleting the old password, and adding the new one:
dn: ........
changetype: modify
delete: unicodePwd
unicodePwd: "Temporal1"
-
add: unicodePwd
unicodePwd: "Temporal2"
Then I get this error:
#!ERROR [LDAP: error code 53 - 00002035: setup_io: it's not allowed to set
the NT hash password directly']
The ldapmodify are executed using the self user credentials, i wouldn't
like to use the administrator account. Is this possible? Do I have to
change some settings in Samba4?
More information about the samba
mailing list