[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Using passwd to change a users password.

    I currently have openldap-2.0.7-4 running and nss_ldap-122-4

I can su to a user who has info in LDAP only, and the id and whoami all
report the valid info.

    my question is: can a setup be created so that a user can use the
passwd cmd to change their password? the best I can get is
bash-2.04$ passwd
Enter login(LDAP) password:
New clibLDAP password:
Retype new clibLDAP password:
passwd: Authentication token manipulation error
where the clibLDAP prompt comes from
[root@kloof pam.d]# cat system-auth
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        sufficient    /lib/security/pam_ldap.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5
shadow use_first_pass
auth        required      /lib/security/pam_deny.so
account     sufficient    /lib/security/pam_ldap.so
account     sufficient    /lib/security/pam_unix.so
account     required      /lib/security/pam_deny.so
password    required      /lib/security/pam_cracklib.so retry=3
password    sufficient    /lib/security/pam_ldap.so
password    sufficient    /lib/security/pam_unix.so nullok use_authtok
md5 shadow #try_first_pass
password    required      /lib/security/pam_deny.so
session     required      /lib/security/pam_limits.so
session     optional      /lib/security/pam_ldap.so
session     required      /lib/security/pam_unix.so

This is on a Redhat 7.0 system.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []