On Sun, Sep 23, 2018 at 10:24:28PM +0200, Clément OUDOT wrote:
Le 23/09/2018 à 21:22, Ervin Hegedüs a écrit :
> On Thu, Sep 20, 2018 at 02:11:43PM +0100, Howard Chu wrote:
>> Use the smbk5pwd overlay.
> I've tried it:
> but when I changed the userPassword, the sambaNTPassword and
> sambaLMPassword attributes doesn't changed.
> What did I missed?
smbk5pwd overlay only works if password change has been made with
extended password modify operation (this operation is done with
ldappasswd, not with ldapmodify).
meanwhile I found that, before I saw your e-mail.
Anyway, is that any solution to prevent that the users modify
their passwords with only ldappasswd (if it knows how does it
works), and deny the using of ldapmodify? I mean can I configure
OpenLDAP ACL rules for this?