FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 09-27-2010, 04:33 PM
James Smallacombe
 
Default ldappasswd and shadowLastChange attribute

I finally figured out a working shell script to make LDAP user password
changes using mozldap/ldappasswd. Unfortunately, I just discovered that
changing the password using this does not update the "shadowLastChange"
attribute, so users with expired passwords are still not able to log in,
even after an admin has reset their password in this manner.

Since we are migrating from traditional shadow passwords to LDAP, the
attribute we need to get updated by this is "shadowLastChange"

I attempted to work around this in /etc/ldap.conf by adding this:

nss_map_attribute shadowLastChange pwdLastSet

But to no avail. In addition, the "change ldap password" plugin also does
not update this, although webmin users and groups module does.

What am I missing? Thanks in Advance!

James Smallacombe PlantageNet, Inc. CEO and Janitor
up@3.am http://3.am
================================================== =======================
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 06:23 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org