Mac OS X 10.2.1 Server & Linux Authentication

["Daniel Hazelbaker" <daniel@highdesertchurch.com>]

Greetings,

    I recently setup a Linux box (specifically Yellow Dog Linux 2.3) on a
box on the same network as a 10.2 Server.  The 10.2 Server is setup to
share it's password database via LDAPv3.  This works.  Linux is
authenticating perfectly to it.  I must say it setup extremely easy. 
The issue is changing passwords.  I cannot do it.  If I try to use the
passwd program I get the following responses:
LDAP  password information update failed: Unknown error
DSA2008: Constraint Violation
passwd: Permission denied

If I try to use ldappasswd I get this:
ldappasswd -x -W
  ldap_bind: Invalid Credentials

ldappasswd -x -W -D 'uid=daniel,cn=users,dc=hdcnet,dc=org'
  Result: Protocol Error (2)
  Additional Info: Data Decoding Error

Yet if I connect to the slapd server via the Workgroup Manager included in
OS X and authenticate as myself (daniel), it allows me to make any change
I want.  I am able to make other changes with ldapmodify, such as changing
my home directory etc, so I know it is authenticating me okay.  But
something with changing the password is all screwed up.  I would be happy
to post any more information that is needed.

Oh, my end-result desired is this.  Netatalk running authenticating with
pam, using pam_ldap.  I want my users to be able to click the "change
password" button in the chooser and have netatalk via pam change the
password in the ldap database.  If I end up doing things with a script
that pam runs which encrypts the password and manually updates the data
with ldapmodify then I will do that, but REALLY do not want to.  And
honestly do not know if I can (havn't tried manually updating the
userPassword entity).  Although I have no idea how I could make pam run an
external script so I think I would end up having to write a module, ick. 
Thoughts welcome :)

Daniel
Assistant Technical Director
High Desert Church