[Samba] client specific debug log for ldap
lists
lists at merit.unu.edu
Tue Jan 10 14:05:19 UTC 2017
Hi,
I am trying to debug an ldaps client that we would like use to change
passwords for end-users. Currently this is failing with this:
> [LDAP: error code 50 - error in module acl: insufficient access
> rights during LDB_MODIFY (50)]; remaining name 'CN=ted t.
> test,CN=Users,DC=samba,DC=company,DC=com'
From what we understand, there are two ways to change a password:
A) as an admin-user with a replace operation
B) as an end-user with a delete and an add operation
To debug why my client application does not work, I configured loglevel
10 for that specific IP, according to the client specific logging on the
wiki.
HOWEVER... that does not seem to work for ldap access! :-(
Is there a way to have debug level logs for ldap traffic coming from a
specific ip, while keeping the rest a a normal level?
Or perhaps set ldap logging to 10, while keeping the rest down?
And as a side-question: do we need to configure anything special, to
allow end-users to change their passwords?
Best regards,
MJ
More information about the samba
mailing list