Re: [389-users] 389-users Digest, Vol 90, Issue 2
by albert.solaris
On 11/02/2012 08:00 AM, 389-users-request(a)lists.fedoraproject.org wrote:
> Send 389-users mailing list submissions to
> 389-users(a)lists.fedoraproject.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://admin.fedoraproject.org/mailman/listinfo/389-users
> or, via email, send a message with subject or body 'help' to
> 389-users-request(a)lists.fedoraproject.org
>
> You can reach the person managing the list at
> 389-users-owner(a)lists.fedoraproject.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of 389-users digest..."
>
>
> Today's Topics:
>
> 1. LDAP authentication related - CANNOT change password by
> running passwd on clients (albert.solaris)
> 2. Re: LDAP authentication related - CANNOT change password by
> running passwd on clients (Dan Lavu)
> 3. Re: LDAP authentication related - CANNOT change password by
> running passwd on clients (Grzegorz Dwornicki)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 01 Nov 2012 16:02:39 -0400
> From: "albert.solaris" <albert.solaris(a)gmail.com>
> To: 389 Mail list <389-users(a)lists.fedoraproject.org>
> Subject: [389-users] LDAP authentication related - CANNOT change
> password by running passwd on clients
> Message-ID: <5092D55F.8020001(a)gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
>
> I am stuck in the 389 DS implementation, hope someone could help me out.
>
> My situation is that I am trying to establish a cute enterprise
> environment with VMWorkstation and CentOS. All guest OSs are CentOS6.3
> based. So far I have got DNS, DHCP, Gateway, File server worked
> perfectly; However, the 389 LDAP server here, Hmm... I would say it is
> partially working. And this is also where you come in.
>
> What does it mean by 'partially working' exactly? Let me tell you.
>
> What happened here is that I've installed and configured 389 DS without
> SSL/TLS enable, migrated local users on my file server to the LDAP
> already. Now, from my DHCP clients, also LDAP clients, I can retrieve
> information within the LDAP server by running ldapsearch, I can even
> change to regular users (i.e. user1/user2/.../user10 created on the file
> server) with Autofs home directory mounted automatically. Somehow, I
> cannot change password by running passwd command.
>
> Here is what I got when changing.
> [root@dhcpclient sssd]# /su - user1/
> [user1@dhcpclient ~]$
> [user1@dhcpclient ~]$ /passwd/
> Changing password for user user1.
> Current Password:
> passwd: Authentication token manipulation error
> [user1@dhcpclient ~]$
>
> I am new to Linux, so have no idea about the reason behind that. Is it
> a LDAP acl issue, or sssd configuration issue, or security pam issue, or
> whatever else.
>
> If you could help me out, that would be great. Please let me know if
> you want any configuration files from me. I don't want to attach
> everything here to scare you.
>
10 years, 11 months
- 1
- 0
LDAP authentication related - CANNOT change password by running passwd on clients
by albert.solaris
I am stuck in the 389 DS implementation, hope someone could help me out.
My situation is that I am trying to establish a cute enterprise
environment with VMWorkstation and CentOS. All guest OSs are CentOS6.3
based. So far I have got DNS, DHCP, Gateway, File server worked
perfectly; However, the 389 LDAP server here, Hmm... I would say it is
partially working. And this is also where you come in.
What does it mean by 'partially working' exactly? Let me tell you.
What happened here is that I've installed and configured 389 DS without
SSL/TLS enable, migrated local users on my file server to the LDAP
already. Now, from my DHCP clients, also LDAP clients, I can retrieve
information within the LDAP server by running ldapsearch, I can even
change to regular users (i.e. user1/user2/.../user10 created on the file
server) with Autofs home directory mounted automatically. Somehow, I
cannot change password by running passwd command.
Here is what I got when changing.
[root@dhcpclient sssd]# /su - user1/
[user1@dhcpclient ~]$
[user1@dhcpclient ~]$ /passwd/
Changing password for user user1.
Current Password:
passwd: Authentication token manipulation error
[user1@dhcpclient ~]$
I am new to Linux, so have no idea about the reason behind that. Is it
a LDAP acl issue, or sssd configuration issue, or security pam issue, or
whatever else.
If you could help me out, that would be great. Please let me know if
you want any configuration files from me. I don't want to attach
everything here to scare you.
10 years, 11 months
- 3
- 2
passwordExpirationTime
by Josh Ellsworth
I am trying to get the passwordExpirationTime populated in a new 389ds instance. The users were imported from another instance of 389DS before I set the password policy. Is there an official way to fill in the passwordExpirationTime populated for all accounts on the server?
--
Joshua Ellsworth
Senior Systems Administrator, Primatics Financial
Phone: 571.765.7528
jellsworth(a)primaticsfinancial.com
10 years, 11 months
- 1
- 0