Hi, I'm confused about ldap authentication.
I'm attempting to use ldap with kerberos 5, when changing an user's password,
I issused:
user1]$ passwd
Kerberos 5 Password: ******
New UNIX password: ******
Retype new UNIX password: ******
All things go well, however, still have a password don't change, and I don't know
what this password is. And how to change it.
Still that user, I can't use 'ldappasswd'
user1]$ ldappasswd
SASL/GSSAPI authentication started
SASL username: user1@MYREALM.COM
SASL SSF: 56
SASL installing layers
New password: yPYNAgvO <--- this changes frequently
Result: Internal (implementation specific) error (80)
Additional info: SASL(-7): invalid parameter supplied: Error putting OTP secret
I should emphasize that the user1 has two passwords, the first one can be changed with 'passwd' or 'kpasswd', the other I don't know how to access it, although this second password still works and it's can be used to login.
More information:
user1]$ passwd
Kerberos 5 Password: <--- type a wrong password and got following (only the first password works here)
Enter login(LDAP) password: <--- the second password works here
New UNIX password: ******
Retype new UNIX password: ******
LDAP password information update failed: Insufficient access
passwd: Permission denied
Best Regards.
--
Le Trung Kien.