On Wed, May 09, 2007 at 02:58:06PM +0200, Martin Marcher wrote: > Hello, > > I set up my system to authenticate against ldap, > > id ; getent passwd; getent group # all show the correct information > > However when I su to a user and do passwd the following happens: > > $ passwd > passwd: User not known to the underlying authentication module > passwd: password unchanged > > Where do I tell passwd that my accounts are in ldap. (Or what even > bugs me more is that the "pam_password_prohibit_message" arent honored > in the config file, seems I'm missing something)
I had a similar problem, the way i tracked it down was to turn on logging on slapd it worked out the permissions were not correct. If memory serves me correctly I used a binddn as well a a rootdn. the former is for non root access and the later well for root access. Alex > > thanks > martin > > nsswitch.conf: > passwd: files ldap > group: files ldap > shadow: files ldap > hosts: files dns > networks: files > protocols: db files > services: db files > ethers: db files > rpc: db files > netgroup: nis > > pam_ldap.conf: > base dc=example,dc=com > uri ldap://ldap.example.com:10389 > ldap_version 3 > rootbinddn cn=manager,dc=example,dc=com > pam_password clear > pam_password_prohibit_message Please visit http://internal to change > your password. > > > libnss-ldap.conf: > uri ldap://ldap.example.com:10389 > base dc=openforce,dc=com > ldap_version 3 > rootbinddn uid=manager,dc=example,dc=com > pam_lookup_policy yes > pam_password clear > pam_password_prohibit_message Please visit http://internal to change > your password. > > > -- > Martin Marcher > [EMAIL PROTECTED] > http://www.mycorners.com > https://www.xing.com/profile/Martin_Marcher > http://www.linkedin.com/in/martinmarcher > http://www.studivz.net/profile.php?ids=9f83ea8c5996b8ec > http://www.amazon.de/gp/registry/wishlist/3KDAGCL2NKOIM/ref=reg_hu-wl_goto-registry/302-4432803-5146435?ie=UTF8&sort=date-added > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > >
signature.asc
Description: Digital signature
