[K12OSN] How to change own user password
John Lucas
mrjohnlucas at gmail.com
Thu Mar 13 12:52:10 UTC 2008
Krsnendu dasa wrote:
> Thanks. Which config file would I put this?
>
That would be in your "slapd.conf" file(s). You should look for
commented-out acl likely to already be there. Remember to put your own
domain info in place of mine.
I highly recommend the book "LDAP System Administration" by Gerald
Carter as a highly practical reference.
> On 12/03/2008, John Lucas <mrjohnlucas at gmail.com> wrote:
>> Krsnendu dasa wrote:
>> > Does this work for non-root users? When I tried something similar in the
>> > pass only root could change passwords. It seemed that users could change
>> > their own passwds, but they never actually changed. Maybe it was the way
>> > smbldap was set up. It thought that a way around this would be to make a
>> > script that runs sudo that calls the smbldap passwd script. all users
>> > would need sudo rights to run just the script.
>> >
>>
>>
>> It works for me. If only root can change passwords, then you may need to
>> check our your LDAP configuration to make sure that the password
>> attributes (all 3 of them) are writeable by the user. A simple ACL
>> *similar* to this should work:
>>
>> # basic password protection -jrl
>> access to attrs=userpassword,sambaLMpassword,sambaNTpassword
>> by dn="uid=root,ou=Users,dc=ascs,dc=net" write
>> by self write
>> by * auth
>>
>> access to *
>> by dn="uid=root,ou=Users,dc=ascs,dc=net" write
>> by * read
>>
>>
>>
>>
>> > On 07/03/2008, *John Lucas* <mrjohnlucas at gmail.com
>>
>>> <mailto:mrjohnlucas at gmail.com>> wrote:
>> > ml at bortal.de <mailto:ml at bortal.de> wrote:
>> > > Hello List,
>> > >
>> > > how can the users change their own password in a unix shell?
>> > >
>> > > foobar at PDC:~$ passwd
>> > > Enter login(LDAP) password:
>> > > New password:
>> > > Re-enter new password:
>> > > LDAP password information update failed: Unknown error
>> > >
>> > > passwd: Permission denied
>> > >
>> >
>> >
>> > If you are using SMBLDAP then using "smbpasswd" works to change both the
>> > Unix and Samba passwords stored in LDAP, just make sure that it acts
>> > on the PDC. Assuming the PDC is named "pdchost":
>> >
>> > smbpasswd -r pdchost username
>> >
>> > It will prompt for for old and new passwords. You can put it on a GUI
>> > menu with xterm:
>> >
>> > xterm -e "smbpasswd -r pdchost $USER"
>> >
>> >
>> >
>> > --
>> > "History doesn't repeat itself; at best it rhymes."
>> > - Mark Twain
>> >
>> > | John Lucas MrJohnLucas at gmail.com
>>
>>> <mailto:MrJohnLucas at gmail.com> |
>>> | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
>> > | 18.3°N, 65°W AST (UTC-4) |
>> >
>> >
>> > _______________________________________________
>> > K12OSN mailing list
>>
>>> K12OSN at redhat.com <mailto:K12OSN at redhat.com>
>>> https://www.redhat.com/mailman/listinfo/k12osn
>> > For more info see <http://www.k12os.org>
>> >
>> >
>> >
>>
>>> ------------------------------------------------------------------------
>> > _______________________________________________
>> > K12OSN mailing list
>> > K12OSN at redhat.com
>> > https://www.redhat.com/mailman/listinfo/k12osn
>> > For more info see <http://www.k12os.org>
>>
>>
>>
>> --
>>
>> "History doesn't repeat itself; at best it rhymes."
>> - Mark Twain
>>
>> | John Lucas MrJohnLucas at gmail.com |
>> | St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
>> | 18.3°N, 65°W AST (UTC-4) |
>>
>> _______________________________________________
>> K12OSN mailing list
>> K12OSN at redhat.com
>> https://www.redhat.com/mailman/listinfo/k12osn
>> For more info see <http://www.k12os.org>
>>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
--
"History doesn't repeat itself; at best it rhymes."
- Mark Twain
| John Lucas MrJohnLucas at gmail.com |
| St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
| 18.3°N, 65°W AST (UTC-4) |
More information about the K12OSN
mailing list