Hello I have a samba 3 working as a PDC with Ldap as a authentication backend. I have a such problem, when user in windows try to change password to samba by ctr+alt+delete, password is changing (password is also sync and it works fine ), but the ldap attribute shadowLastChange doesnt change. What is wrong? thanks in advance tim
Hi, empirium schrieb:> I have a samba 3 working as a PDC with Ldap as a authentication backend. > I have a such problem, when user in windows try to change password to > samba by ctr+alt+delete, password is changing (password is also sync and > it works fine ), but the ldap attribute shadowLastChange doesnt change. > What is wrong?Maybe the user you use to connect to LDAP is not allowed to write this attribute. Have a look to your LDAP configuration. Regards Marc -- Marc Muehlfeld (Leitung Systemadministration) Zentrum fuer Humangenetik und Laboratoriumsmedizin Dr. Klein und Dr. Rost Lochhamer Str. 29 - D-82152 Martinsried Telefon: +49(0)89/895578-0 - Fax: +49(0)89/895578-78 http://www.medizinische-genetik.de
Marc Muehlfeld napisa?(a):> Hi, > > empirium schrieb: >> I have a samba 3 working as a PDC with Ldap as a authentication backend. >> I have a such problem, when user in windows try to change password to >> samba by ctr+alt+delete, password is changing (password is also sync >> and it works fine ), but the ldap attribute shadowLastChange doesnt >> change. >> What is wrong? > > Maybe the user you use to connect to LDAP is not allowed to write this > attribute. Have a look to your LDAP configuration. > > > Regards > Marc >is slapd.conf I have access to * by self write by users read by anonymous auth
On Tue, 2007-09-11 at 08:21 +0200, empirium wrote:> Hello > I have a samba 3 working as a PDC with Ldap as a authentication backend. > I have a such problem, when user in windows try to change password to > samba by ctr+alt+delete, password is changing (password is also sync and > it works fine ), but the ldap attribute shadowLastChange doesnt change. > What is wrong?Is it meant to? Samba updates it's attributes - if you changed the LDAP password too, then perhaps you should look into a server side module that might also update that value? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20070911/070da772/attachment.bin