[Fwd: Re: userPasswd problem]
I've now tested my replication and it works. The one problem (as far
as I know) I have is changing the password (userPassword).

'ldappasswd -x -D "cn=JokkeManager,dc=htg,dc=org" -w secret username -s newsecret'

Result: DSA is unwilling to perform (53)
Additional info: authorization database is a read-only replica

As you can see, I'm running the ldappasswd command as rootdn and still get
this error!

Is there anyone that can help me with this?

regards
Roger Helgesen

Slapd.conf (I've taken out all the comments to save space)
###############################
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/redhat/rfc822-MailMember.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
include /etc/openldap/schema/sambatng.schema-v3-egen
include /etc/openldap/schema/qmail.schema
include /etc/openldap/schema/qmailControl.schema
#### My access lists
access to dn=".*,dc=htg,dc=org" attr=userPassword
        by self write
        by dn="cn=PondusManager,dc=htg,dc=org" write
        by dn="uid=root,ou=SystemBrukere,dc=htg,dc=org" write
        by * auth
access to dn=".*,dc=htg,dc=org"
        by self write
        by dn="cn=PondusManager,dc=htg,dc=org" write
        by * read
access to *
        by dn="cn=ReplicaMasterJokke,dc=htg,dc=org" write
        by * read
access to * by * read
#######################################################################
# ldbm database definitions
######################################################################
loglevel 264
database ldbm
suffix "dc=htg,dc=org"
rootdn "cn=JokkeManager,dc=htg,dc=org"
rootpw {MD5}XsAM4fAnjvju4pOM9oOrYA==
password-hash {md5}
directory /var/lib/ldap
# Indices to maintain
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial
index rid eq
# Replicas to which we should propagate changes
replica host=pondus.hau.htg.org:389
        binddn="cn=JokkeManager,dc=htg,dc=org"
        bindmethod=simple
        credentials=Yfw98ah7
replogfile /var/lib/ldap/master-slapd.replog
updatedn cn=PondusManager,dc=htg,dc=org
########################################################
On Tue, 2002-05-14 at 10:49, Roger Helgesen wrote:
> Hi !
>
> I've patched openldap 2.0.23-4 with the multimaster patch
> (http://www.openldap.org/lists/openldap-software/200204/msg00681.html)
>
> After that (I believe that's when the prob. started) I can not change
> userPasswd for users. New users do not get a passwd either
>
> The userPasswd attr says {crypt}x
>
> When I try to change a users passwd with
>
> 'ldappasswd -x -D "cn=manager,dc=htg,dc=org" -w secret username' I get
>
> Result: DSA is unwilling to perform (53)
> Additional info: authorization database is a read-only replica
>
> I'm confused. Adding and deleting users works fine. And also changing
> smb passwd (via smbldap-passwd.pl) works fine.
>
> smbldap-passwd should change both passwd, and it did before
>
> Could anyone help me ?
>
> I'm a novice at LDAP. Do you need more info, slapd.conf ldap.conf ?
>
> regards
> Roger Helgesen
>
>
>