[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: passwd and nss_ldap, pam_ldap, openldap

To: Alvaro Villalba Poncet <alvarovp@ip6seguridad.com>
Subject: Re: passwd and nss_ldap, pam_ldap, openldap
From: Mika Saari <dummy@wipsl.com>
Date: Fri, 10 Dec 1999 13:25:34 +0200
Cc: OpenLDAP-general@OpenLDAP.org
References: <384F7194.ADDD4B35@wipsl.com> <19991209183939.A14423@ip6seguridad.com>

Hello !

> From my previous mail:
> when using passwd command for user, the new password is asked twice
> and then login(LDAP) password is asked. What ever I answer to this
> login(LDAP) password the result is "LDAP Password incorrect: try again"

> Just check /etc/ldap.conf, be sure to have the line
> "crypt md5" uncommented

Yep this is working.  I can log in using md5 passwords which has been
included to ldap server. /etc/ldap.conf includes md5 row and it is
uncommented. But still passwd command refuces to accept the LDAP password
with error message specified above. pam.d includes passwd entry with ldap
modifications, but should there in /etc/pam.d/passwd be informed that
LDAP saved passwords are md5 passwords and if they should be informed how
should this be done ?

Example /etc/pam.d/passwd. This file is exact copy from pam_ldap rpm
package's demo passwd file.

#%PAM-1.0
auth       sufficient /lib/security/pam_ldap.so
auth       required     /lib/security/pam_unix_auth.so use_first_pass
account    sufficient /lib/security/pam_ldap.so
account    required     /lib/security/pam_unix_acct.so
password   required /lib/security/pam_cracklib.so retry=3
password   sufficient /lib/security/pam_ldap.so
password   required     /lib/security/pam_pwdb.so try_first_pass


    Thank you very much,
                                        Mika Saari

References:
- passwd and nss_ldap, pam_ldap, openldap
  - From: Mika Saari <dummy@wipsl.com>

Prev by Date: Re: A person in multiple ou's.
Next by Date: Re: A person in multiple ou's.
Index(es):
- Chronological
- Thread