On Sunday, 6 December 2009 15:49:58 Robert Heller wrote:
At Sun, 6 Dec 2009 02:13:28 +0100 Serge Fonville serge.fonville@gmail.com
wrote:
On Fri, Dec 4, 2009 at 5:55 PM, Robert Heller heller@deepsoft.com wrote:
I have Openldap set up on a CentOS 5 system (using the stock 2.3.43 RPMS) and I want to allow users to change their passwords, but I am confused by the documentation (it has both too much and not enough information -- there don't appear to be simple HowTos for common setups).
Have you tried ldappasswd?
ldappasswd's man pages say:
ldappasswd is neither designed nor intended to be a replacementfor passwd(1) and should not be installed as such.
I am not sure what this is implying. It may be that it is implying it should not be installed in place of a typical passwd program (e.g. over /bin/passwd). However, ldappasswd can be used by users to change their own passwords, and is definitely useful for testing whether password changing works (to rule out application configuration issues).
Are the man pages wrong?
Regarding what?
Or alternatively passwd -r ldap?
I think this is Solaris-specific.
The version of passwd available under CentOS 5 (0.73) does not have a -r option.
Your PAM configuration should have been updated (if you used authconfig or similar) to change passwords via LDAP, so 'passwd' as an LDAP user should work.
Regards, Buchan