FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 12-30-2010, 09:24 AM
MAP 007
 
Default 389 Directory server + passwd problem

Hi,

Recently i have setup 389 DS on my CentOS machine.Now yesterday i m able to reset user's password. Now i m not able to reset it....

I have checked my directory server's setting and found that i have mistakenly set "disallow_pw_change_aci" ACL. Now i have deleted this one. But whenever i restart my dirsrv and dirsrv-admin services i see "disallow_pw_change_aci" ACL again in my directory server.


Que.1 Now how to remove parmanently ?

And secondly when i remove this from directory server and then try to change password i am getting below error:-

LDAP password information update failed: Server is unwilling to perform

user is not allowed to change password
passwd: Permission denied

Que.2 Now how to sort out this one... ?

Que.3 And one more question is, where i will find all these logs...if someone file these command at client as well as server machine(i.e. ldapsearch, ldapadd, ldapdelete, passwd, passwd lock etc...)



Thank you.
Piyush

--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 01-04-2011, 08:43 PM
Rich Megginson
 
Default 389 Directory server + passwd problem

On 12/30/2010 03:24 AM, MAP 007 wrote:
Hi,



Recently i have setup 389 DS on my CentOS machine.Now yesterday i
m able to reset user's password. Now i m not able to reset it....



I have checked my directory server's setting and found that i have
mistakenly set "disallow_pw_change_aci" ACL. Now i have deleted
this one. But whenever i restart my dirsrv and dirsrv-admin
services i see "disallow_pw_change_aci" ACL again in my directory
server.



Que.1 Now how to remove parmanently ?


How are you deleting it?* What exactly are you doing?* Are you using
replication?



And secondly when i remove this from directory server and then try
to change password
What is the exact command you are using to change the password?

Can you post excerpts from your access log showing the password
change operation?

i am getting below error:-



LDAP password information update failed: Server is unwilling to
perform

user is not allowed to change password

passwd: Permission denied



Que.2 Now how to sort out this one... ?



Que.3 And one more question is, where i will find all these
logs...if someone file these command at client as well as server
machine(i.e. ldapsearch, ldapadd, ldapdelete, passwd, passwd lock
etc...)


I don't think there are any client side logs - maybe
/var/log/messages or /var/log/secure?



The server side logs should have some information -
/var/log/dirsrv/slapd-yourinstance/access and errors






Thank you.

Piyush



--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 12:02 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org