try chuser SYSTEM=LDAP registry=LDAP [USER]
Mit freundlichen Grüßen Howard ALLISON
Pensionsversicherungsanstalt Rechenzentrumsbetrieb A-1021 Wien, Friedrich-Hillegeist-Straße 1
E-Mail..: howard.allison@pva.sozvers.at Internet: www.pensionsversicherung.at
openldap-technical-bounces@openldap.org wrote on 27.10.2010 10:37:08:
Stef Coene stef.coene@docum.org Gesendet von: openldap-technical-bounces@openldap.org
27.10.2010 10:43
An
openldap-technical@openldap.org
Kopie
Thema
Re: AIX as openldap client
Oct 26 20:44:12 ldap1 slapd[28664]: Entry (uid=xxx,ou=people,dc=xxx,dc=xxx), attribute 'shadowLastChange' not allowed Oct 26 20:44:12 ldap1 slapd[28664]: entry failed schema check:
attribute
'shadowLastChange' not allowed
Is this important?
Yes, because either nis.schema or rfc2307bis.schema are missing.
I just reconfigured the openldap server and made sure nis and rfc2307bis
are
loaded. I created a test user with objectClass: aixAuxAccount objectClass: posixAccount objectClass: shadowAccount objectClass: inetOrgPerson
I can login to my test linux server with this user but not on the AIX server. When I do a telnet to the AIX server, I can enter the username, but
before I
can enter the password, I get the error 3004-007 You entered an invalid login name or password.
For the password, this is stored in plain text when I add the user.
Before I
can login to the linux server, I have to change it with passwd and after that, the password is encrypted with {crypt} and I can login to the linux
client:
userPassword: {crypt}$1$.xxxxxxxxxxxxxxxxxxxxxxxx/ Can this be the problem? I don't know what encrytion AIX expects.
Stef
This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
-------------------------- VERTRAULICHKEIT: Diese Nachricht ist ausschließlich für denjenigen bestimmt, an den sie adressiert ist und kann vertrauliche Informationen enthalten. Falls Sie nicht der Empfänger dieser Nachricht sind, weisen wir Sie darauf hin, dass die unberechtigte Weitergabe oder Verwendung sowie das unberechtigte Verteilen oder Kopieren dieser Nachricht strikt untersagt sind. Falls Sie diese Nachricht irrtümlich erhalten haben, vernichten Sie sie bitte sofort.
CONFIDENTIALITY: This message is intended only for the use of the individuality or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure. If you are not the intended recipient you are notified that any dissemination, distribution, use or copying of this communication is strictly prohibited. If you received this message in error, please immediately destroy this message. --------------------------
