[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [pamldap] pamldap-118 and EXOP
- To: pamldap@padl.com
- Subject: Re: [pamldap] pamldap-118 and EXOP
- From: Andreas Hasenack <andreas@conectiva.com.br>
- Date: Wed, 27 Jun 2001 18:11:10 -0300
- Cc: openldap-software@OpenLDAP.org
- Content-disposition: inline
- In-reply-to: <20010627014029.A13492@conectiva.com.br>; from andreas@conectiva.com.br on Wed, Jun 27, 2001 at 01:40:29AM -0300
- References: <20010627014029.A13492@conectiva.com.br>
- User-agent: Mutt/1.3.17i
(CCing openldap-software, as this is about ldappasswd too)
Answering to myself...
I did what that response told me: I commented that part in pam_ldap which
sets the oldpassword, and now I can change passwords using EXOP:
--- pam_ldap.c~ Tue Jun 26 20:29:20 2001
+++ pam_ldap.c Wed Jun 27 17:52:58 2001
@@ -2190,7 +2190,7 @@
ber_printf (ber, "{");
ber_printf (ber, "ts", LDAP_TAG_EXOP_X_MODIFY_PASSWD_ID,
session->info->userdn);
- ber_printf (ber, "ts", LDAP_TAG_EXOP_X_MODIFY_PASSWD_OLD, old_password);
+/* ber_printf (ber, "ts", LDAP_TAG_EXOP_X_MODIFY_PASSWD_OLD, old_password);*/
ber_printf (ber, "ts", LDAP_TAG_EXOP_X_MODIFY_PASSWD_NEW, new_password);
ber_printf (ber, "N}");
By the way, I now also tried to use ldappasswd making it ask me for the old
password, the bind password and also the new password, and got the same
"unwilling to perform" error I had with pam_ldap. If I don't provide the old
password, it works.
I'll finish reading that draft in /usr/share/doc/openldap-doc-2.0.11 about
ldap_extended_operation_s and see what that tells me...
Em Wed, Jun 27, 2001 at 01:40:29AM -0300, Andreas Hasenack escreveu:
> 0x0040 041f 7573 6520 6269 6e64 2074 6f20 7665 ..use.bind.to.ve
> 0x0050 7269 6679 206f 6c64 2070 6173 7377 6f72 rify.old.passwor
> 0x0060 64 d