[Fedora-directory-users] userPassword is base64 encoded
David Boreham
david_list at boreham.org
Wed Jun 8 01:51:33 UTC 2005
>
>Samba binds to the DS as the admin server and then just attempts to overwrite
>the userPassword attribute (I assume you have ldap sync turned on). It seems
>DS doesn't like it: it requires the current password first. Perhaps there is
>some configuration change that can help.
>
>
>
I think this could be an access control issue. The default ACIs supplied
with the server only allow root (Directory Manager) and 'self' write access
to the userPassword attribute. If you changed the access control rules
to allow the user that samba binds as write access, that might help.
The access log is your friend : look in there
(.../slapd-<hostname>/logs/access)
to find the operations samba attempted. The ldap result code for the modify
operation will be in there. You will be able to see if the operation failed
due to access control restrictions (error code 50) or for some other reason.
More information about the Fedora-directory-users
mailing list