Re: [Fwd: Re: userPasswd problem]
I've narrowed it down: this only happens when I have a replogfile
directive in slapd.conf.
I really need some help here.
regards roger
On Wed, 2002-05-15 at 14:41, Roger Helgesen wrote:
>
>
> I've now tested my replication and it works. The one problem (as far
> as I know) I have is with changing the password (userPassword).
> 'ldappasswd -x -D "cn=JokkeManager,dc=htg,dc=org" -w secret username -s
> newsecret'
>
> Result: DSA is unwilling to perform (53)
> Additional info: authorization database is a read-only replica
>
> As you can see, I'm running the ldappasswd command as rootdn and still get
> this error!
> Is there anyone who can help me with this?
>
> regards
> Roger Helgesen
>
> slapd.conf (I've taken out all the comments to save space)
>
> ###############################
>
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/nis.schema
> include /etc/openldap/schema/redhat/rfc822-MailMember.schema
> include /etc/openldap/schema/redhat/autofs.schema
> include /etc/openldap/schema/redhat/kerberosobject.schema
> include /etc/openldap/schema/sambatng.schema-v3-egen
> include /etc/openldap/schema/qmail.schema
> include /etc/openldap/schema/qmailControl.schema
>
>
> #### My access lists
>
> access to dn=".*,dc=htg,dc=org" attr=userPassword
>     by self write
>     by dn="cn=PondusManager,dc=htg,dc=org" write
>     by dn="uid=root,ou=SystemBrukere,dc=htg,dc=org" write
>     by * auth
>
> access to dn=".*,dc=htg,dc=org"
>     by self write
>     by dn="cn=PondusManager,dc=htg,dc=org" write
>     by * read
>
> access to *
>     by dn="cn=ReplicaMasterJokke,dc=htg,dc=org" write
>     by * read
>
> access to * by * read
>
> #######################################################################
> # ldbm database definitions
> ######################################################################
> loglevel 264
>
> database ldbm
> suffix "dc=htg,dc=org"
> rootdn "cn=JokkeManager,dc=htg,dc=org"
> rootpw {MD5}XsAM4fAnjvju4pOM9oOrYA==
>
> password-hash {md5}
>
> directory /var/lib/ldap
> # Indices to maintain
> index objectClass,uid,uidNumber,gidNumber,memberUid eq
> index cn,mail,surname,givenname eq,subinitial
> index rid eq
>
> # Replicas to which we should propagate changes
> replica host=pondus.hau.htg.org:389
>     binddn="cn=JokkeManager,dc=htg,dc=org"
>     bindmethod=simple
>     credentials=Yfw98ah7
>
> replogfile /var/lib/ldap/master-slapd.replog
>
> updatedn cn=PondusManager,dc=htg,dc=org
>
> ########################################################
>
> On Tue, 2002-05-14 at 10:49, Roger Helgesen wrote:
> > Hi!
> >
> > I've patched OpenLDAP 2.0.23-4 with the multimaster patch
> > (http://www.openldap.org/lists/openldap-software/200204/msg00681.html)
> >
> > After that (I believe that's when the problem started) I cannot change
> > userPasswd for users. New users do not get a passwd either.
> >
> > The userPasswd attr says {crypt}x
> >
> > When I try to change a user's passwd with
> >
> > 'ldappasswd -x -D "cn=manager,dc=htg,dc=org" -w secret username' I get
> >
> > Result: DSA is unwilling to perform (53)
> > Additional info: authorization database is a read-only replica
> >
> > I'm confused. Adding and deleting users works fine. And also changing
> > smb passwd (via smbldap-passwd.pl) works fine.
> >
> > smbldap-passwd should change both passwds, and it did before.
> >
> > Could anyone help me?
> >
> > I'm a novice at LDAP. Do you need more info, slapd.conf, ldap.conf?
> >
> > regards
> > Roger Helgesen
> >
> >
> >
>
>
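Added example, not part of the original message or of OpenLDAP: a small Python check that lists which replication directives each database section of a slapd.conf carries, run on a constructed excerpt of the configuration quoted above (credential replaced by a placeholder). Per slapd.conf(5), `replica` and `replogfile` are master-side directives and `updatedn` is a replica-side directive; the function names are hypothetical.

```python
# Constructed excerpt of the quoted slapd.conf: mail "> " quoting removed,
# continuation lines indented, bind credential replaced by a placeholder.
SAMPLE_CONF = """\
loglevel 264
database ldbm
suffix "dc=htg,dc=org"
rootdn "cn=JokkeManager,dc=htg,dc=org"
replica host=pondus.hau.htg.org:389
    binddn="cn=JokkeManager,dc=htg,dc=org"
    bindmethod=simple
    credentials=PLACEHOLDER
replogfile /var/lib/ldap/master-slapd.replog
updatedn cn=PondusManager,dc=htg,dc=org
"""

# Which side of a master/replica pair each directive belongs to (slapd.conf(5)).
ROLE = {"replica": "master", "replogfile": "master", "updatedn": "replica"}

def logical_lines(text):
    """Drop blanks and comments; join lines that start with whitespace
    onto the previous directive, as slapd.conf continuation lines."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def replication_roles(text):
    """Return one dict per 'database' section with its replication directives."""
    dbs = []
    for line in logical_lines(text):
        key, arg = (line.split(None, 1) + [""])[:2]
        key = key.lower()
        if key == "database":
            dbs.append({"type": arg, "suffix": None, "master": [], "replica": []})
        elif dbs and key == "suffix":
            dbs[-1]["suffix"] = arg.strip('"')
        elif dbs and key in ROLE:
            dbs[-1][ROLE[key]].append(key)
    return dbs

def mixed_role(db):
    """True when one database has both master-side and replica-side directives."""
    return bool(db["master"]) and bool(db["replica"])

if __name__ == "__main__":
    for db in replication_roles(SAMPLE_CONF):
        print(db["type"], db["suffix"], db["master"], db["replica"], mixed_role(db))
```

On the excerpt, the single ldbm database is reported with both kinds of directive, which is the combination worth reviewing when a server refuses writes as a read-only replica.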