[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: passwords disappear
On 10/06/11 17:56 -0600, Bidwell, Matt wrote:
If a user changes passwords on and ldap client machine, the shadow
entry disappears. This is true for all hash methods except for
{CRYPT}.
Do you mean that the userPassword attribute disappears, or one of the
shadow* attributes? Or do you mean that you can no longer see the user with
'getent shadow' on the client system?
Clearly I would like {SSHA} or {MD5} over {CRYPT}. The client machines
are pretty standard RHEL 5 machines. I have exop in the config on the
client. Setting the password on the LDAP server works correctly. Running
the server in debug didn't make anything jump out at me. Anyone have any
ideas? Perhaps I'm missing an ACL I don't know about.
Can you reproduce the problem using ldappasswd on the client?
Can you provide (sanitized) examples of what good and bad ldap user entries
look like?
What pam/nss software are you running on the clients?
--
Dan White