Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Solaris 9 native ldap client + openldap - su - passwd pb

807559Jan 11 2007 — edited Jan 11 2007

Hello,
I'm using an Openldap 2.3.32 server for samba and solaris user authentification.
ldaplist works fine, so does su - from root dans passwd command (I check the changes in the directory using lbe)
Problem is, if I try to su - user from someone else than root, I end with "su failed".

in the ldaplist command, userpassword attribute does not show. I don't know why yet. maybe ACLs.

Someone has an idea?

user lblin is in the ldap directory:

# ldaplist -l passwd lblin
dn: uid=lblin,ou=People,dc=icam-nantes,dc=fr
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: lblin
sn: lblin
givenName: lblin
uid: lblin
gidNumber: 1001
loginShell: /usr/bin/bash
gecos: System User
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
displayName: System User
sambaSID: S-1-5-21-106863388-2948719813-2912489731-3014
sambaPrimaryGroupSID: S-1-5-21-106863388-2948719813-2912489731-3003
sambaLogonScript: logon.bat
sambaProfilePath: \\CALIMERO\lblin\profile
sambaHomePath: \\CALIMERO\lblin
sambaHomeDrive: Z:
homeDirectory: /usr2/lblin
uidNumber: 1001
sambaLMPassword: 357694FAFC637E9AAAD3B435B51404EE
sambaAcctFlags:
sambaNTPassword: 915910A852D1A0B3990D8273AA45F9A1
sambaPwdLastSet: 1168514661
sambaPwdMustChange: 1207394661
shadowLastChange: -1
shadowMin: -1
shadowWarning: 7
shadowMax: 99999
shadowInactive: -1
shadowExpire: -1
shadowFlag: 0

# passwd lblin
Enter lblin's password:
New Password:
Re-enter new Password:
passwd: password successfully changed for lblin

check with lbe: password has been changed

# su - lblin
Sun Microsystems Inc. SunOS 5.9 Generic May 2002
bash-2.05$ pwd
/usr2/lblin

bash-2.05$ su - lblin
Password:
su: Sorry

actually, this behaviour seems strange: If I try to change my passwd, it first asks for root user.

$ passwd
passwd: Changing password for root
LDAP Password:
Permission denied

If I try to change from lblin my password:
bash-2.05$ passwd lblin
Enter existing login password:
passwd: Sorry, wrong passwd
Permission denied

Any help will be appreciate
Laurent

Message was edited by:
lbl@scasicomp.com

Locked Post

New comments cannot be posted to this locked post.

Locked on Feb 8 2007

Added on Jan 11 2007

#oracle-solaris, #solaris-9

1 comment

335 views