Solved

LDAP authentication works fine, passwd gives error

Posted on 2006-06-21
4
392 Views
Last Modified: 2010-03-17
I have configured my home linux network (FC4 all around) to authenticate to a central OpenLDAP server.  Logins for all users work fine.

When I log in as a user and attemtp the passwd command, however, I get the following:


[tim@linux03 ~]$ passwd
Changing password for user tim.
Enter login(LDAP) password:
New UNIX password:
Retype new UNIX password:
LDAP password information update failed: Can't contact LDAP server

passwd: Permission denied


Here's anything relevant from my nsswitch.conf:

passwd:     files ldap
shadow:     files ldap
group:      files ldap
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap
netgroup:   files ldap
publickey:  nisplus
automount:  files ldap
aliases:    files nisplus


here's my ldap.conf:

HOST 192.168.1.10
BASE dc=devnet
TLS_CACERTDIR /etc/openldap/cacerts


I'm not sure what I'm doing wrong.  Can anyone advise?
0
Comment
Question by:parkblock
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 14

Expert Comment

by:pablouruguay
ID: 16959262
0
 
LVL 1

Author Comment

by:parkblock
ID: 16994007
turned out to be a problem with the ACL.  default acl was insufficient, I had to add the following in slapd.conf -

access to attr=userpassword
       by self                 write
       by anonymous            auth
       by *                    none
access to *
       by self                 write
       by users                read
       by anonymous            read
       by *                    none

0
 
LVL 1

Accepted Solution

by:
DarthMod earned 0 total points
ID: 17200573
PAQed with points refunded (500)

DarthMod
Community Support Moderator
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question