On Monday, 8 November 2010 16:07:25 Stef Coene wrote:
On Monday 08 November 2010, you wrote:
Hello Stef,
could you please point what you did to solve your problems as anybody else could be interested in that solution. Unfortunately, these machines are on my schedule, too. :)
I'm documenting the steps I do to get it working and the possible problems. When I'm done, I will post them somewhere. I also have to this on the production servers.
I still have some problems with the passwords. I have to change the password from an AIX box before it works.
What hash ends up in userPassword in this case? crypt? Real crypt(), with it's 8-character limit?
This normally indicates a problem in the configuration. On a Linux host, this would typically indicate that nss_ldap was set up, but pam_ldap was not, and authentication was working via app->PAM->pam_unix->getspent(3)->nss->nss_ldap-
LDAP, whereas you may prefer app->PAM->pam_ldap (otherwise some pam_ldap-
based authorization features don't work, password hashes are limited to those that are supported by all your clients etc.).
I don't have any access to our AIX hosts though ...
Regards, Buchan