Solved

LDAP authentication works fine, passwd gives error

Posted on 2006-06-21
4
377 Views
Last Modified: 2010-03-17
I have configured my home linux network (FC4 all around) to authenticate to a central OpenLDAP server.  Logins for all users work fine.

When I log in as a user and attemtp the passwd command, however, I get the following:


[tim@linux03 ~]$ passwd
Changing password for user tim.
Enter login(LDAP) password:
New UNIX password:
Retype new UNIX password:
LDAP password information update failed: Can't contact LDAP server

passwd: Permission denied


Here's anything relevant from my nsswitch.conf:

passwd:     files ldap
shadow:     files ldap
group:      files ldap
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap
netgroup:   files ldap
publickey:  nisplus
automount:  files ldap
aliases:    files nisplus


here's my ldap.conf:

HOST 192.168.1.10
BASE dc=devnet
TLS_CACERTDIR /etc/openldap/cacerts


I'm not sure what I'm doing wrong.  Can anyone advise?
0
Comment
Question by:parkblock
4 Comments
 
LVL 14

Expert Comment

by:pablouruguay
ID: 16959262
0
 
LVL 1

Author Comment

by:parkblock
ID: 16994007
turned out to be a problem with the ACL.  default acl was insufficient, I had to add the following in slapd.conf -

access to attr=userpassword
       by self                 write
       by anonymous            auth
       by *                    none
access to *
       by self                 write
       by users                read
       by anonymous            read
       by *                    none

0
 
LVL 1

Accepted Solution

by:
DarthMod earned 0 total points
ID: 17200573
PAQed with points refunded (500)

DarthMod
Community Support Moderator
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now