try chuser SYSTEM=LDAP registry=LDAP [USER]

Mit freundlichen Grüßen
Howard ALLISON



openldap-technical-bounces@openldap.org wrote on 27.10.2010 10:37:08:

> Stef Coene <stef.coene@docum.org>

> Gesendet von: openldap-technical-bounces@openldap.org
>

> 27.10.2010 10:43
>
> An

>
> openldap-technical@openldap.org

>
> Kopie

>
> Thema

>
> Re: AIX as openldap client

>
> > > Oct 26 20:44:12 ldap1 slapd[28664]: Entry
> > > (uid=xxx,ou=people,dc=xxx,dc=xxx), attribute 'shadowLastChange' not
> > > allowed
> > > Oct 26 20:44:12 ldap1 slapd[28664]: entry failed schema check: attribute
> > > 'shadowLastChange' not allowed
> > >
> > > Is this important?
> >
> > Yes, because either nis.schema or rfc2307bis.schema are missing.
> I just reconfigured the openldap server and made sure nis and rfc2307bis are
> loaded. I created a test user with
> objectClass: aixAuxAccount
> objectClass: posixAccount
> objectClass: shadowAccount
> objectClass: inetOrgPerson
>
> I can login to my test linux server with this user but not on the
> AIX server.
> When I do a telnet to the AIX server, I can enter the username, but before I
> can enter the password, I get the error
> 3004-007 You entered an invalid login name or password.
>
> For the password, this is stored in plain text when I add the user. Before I
> can login to the linux server, I have to change it with passwd and
> after that,
> the password is encrypted with {crypt} and I can login to the linux client:
> userPassword: {crypt}$1$.xxxxxxxxxxxxxxxxxxxxxxxx/
> Can this be the problem? I don't know what encrytion AIX expects.
>
>
> Stef
>
> ______________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email
> ______________________________________________________________________


--------------------------
VERTRAULICHKEIT: Diese Nachricht ist ausschließlich für denjenigen bestimmt, an
den sie adressiert ist und kann vertrauliche Informationen enthalten. Falls Sie nicht
der Empfänger dieser Nachricht sind, weisen wir Sie darauf hin, dass die
unberechtigte Weitergabe oder Verwendung sowie das unberechtigte Verteilen oder
Kopieren dieser Nachricht strikt untersagt sind. Falls Sie diese Nachricht irrtümlich
erhalten haben, vernichten Sie sie bitte sofort.

CONFIDENTIALITY: This message is intended only for the use of the individuality or
entity to which it is addressed and may contain information that is privileged,
confidential and exempt from disclosure. If you are not the intended recipient you are
notified that any dissemination, distribution, use or copying of this communication is
strictly prohibited. If you received this message in error, please immediately destroy
this message.
--------------------------