Krsnendu dasa wrote:
> Does this work for non-root users? When I tried something similar in the
> pass only root could change passwords. It seemed that users could change
> their own passwds, but they never actually changed. Maybe it was the way
> smbldap was set up. It thought that a way around this would be to make a
> script that runs sudo that calls the smbldap passwd script. all users
> would need sudo rights to run just the script.
>
It works for me. If only root can change passwords, then you may need to
check our your LDAP configuration to make sure that the password
attributes (all 3 of them) are writeable by the user. A simple ACL
*similar* to this should work:
# basic password protection -jrl
access to attrs=userpassword,sambaLMpassword,sambaNTpassword
by dn="uid=root,ou=Users,dc=ascs,dc=net" write
by self write
by * auth
access to *
by dn="uid=root,ou=Users,dc=ascs,dc=net" write
by * read
> On 07/03/2008, *John Lucas* <mrjohnlucas gmail com
<mailto:mrjohnlucas gmail com>> wrote:
> ml bortal de <mailto:ml bortal de> wrote:
> > Hello List,
> >
> > how can the users change their own password in a unix shell?
> >
> > foobar PDC:~$ passwd
> > Enter login(LDAP) password:
> > New password:
> > Re-enter new password:
> > LDAP password information update failed: Unknown error
> >
> > passwd: Permission denied
> >
>
>
> If you are using SMBLDAP then using "smbpasswd" works to change both the
> Unix and Samba passwords stored in LDAP, just make sure that it acts
> on the PDC. Assuming the PDC is named "pdchost":
>
> smbpasswd -r pdchost username
>
> It will prompt for for old and new passwords. You can put it on a GUI
> menu with xterm:
>
> xterm -e "smbpasswd -r pdchost $USER"
>
>
>
> --
> "History doesn't repeat itself; at best it rhymes."
> - Mark Twain
>
> | John Lucas MrJohnLucas gmail com
<mailto:MrJohnLucas gmail com> |
| St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
> | 18.3°N, 65°W AST (UTC-4) |
>
>
> _______________________________________________
> K12OSN mailing list
K12OSN redhat com <mailto:K12OSN redhat com>
https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
>
>
------------------------------------------------------------------------
> _______________________________________________
> K12OSN mailing list
> K12OSN redhat com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
--
"History doesn't repeat itself; at best it rhymes."
- Mark Twain
| John Lucas MrJohnLucas gmail com |
| St. Thomas, VI 00802 http://mrjohnlucas.googlepages.com/ |
| 18.3°N, 65°W AST (UTC-4) |
_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>