More fun with LDAP

Nigel Wade nmw at ion.le.ac.uk
Fri May 14 09:09:37 UTC 2004


 >
 > On Wed, 2004-05-12 at 12:47, Mark A. Hoover wrote:
 >
 >>I'm hoping there's somebody out there with some LDAP experience.  I've
 >>run across something for which I haven't found an answer on Google.
 >>
 >>I recently tried to use the passwd lock function on an account and
 >>received the following:
 >>
 >>[root at testbox root]$ passwd -l tuser
 >>Locking password for user tuser.
 >>passwd: Error (password not set?)
 >>
 >>The username exists and I can login as that user.  I can also change the
 >>user's password without any problems.
 >>
 >>[root at testbox root]$ passwd tuser
 >>Changing password for user tuser.
 >>New password:
 >>Retype new password:
 >>LDAP password information changed for tuser
 >>passwd: all authentication tokens updated successfully.
 >>
 >>
 >>Any ideas?
 >>
 >>
 >>--
 >>-----------------------------------------------------
 >>Mark Hoover
 >>mahoover at ispaceonline.org
 >>
 >
 >
 >

Dan wrote:
> I dont think passwd has any ldap capabilities, so attempting to lock an
> account stored in LDAP using passwd(1) wont work.
> 
> I tried this here and got the same error as you. strace seems to show
> passwd looking in /etc/passwd for the given user.
> 
> Dan
> 

Passwd will use LDAP if it's configured in /etc/nsswitch.conf.

However, it seems that the -l option doesn't do so, and fails if the account 
isn't found in /etc/passwd.

Is it a bug, or is it a "feature"?

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw at ion.le.ac.uk
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555





More information about the fedora-list mailing list