RSS feed

Re: libpam_ldap question and password change

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: libpam_ldap question and password change

On 17 feb 2010, at 21:52, Arthur de Jong wrote:

> On Tue, 2010-02-16 at 14:38 +0100, Bas van der Vlies wrote:
>> I am trying to replace the PADL libpam_ldap software. My setup is:
>>  debian: lenny
>>  openldap: 2.4.11-1+lenny1
>>  nss-ldap: 0.7.2
>> I can login on the node with a LDAP user. The only problem is that i
>> can not change my password with this new pam_ldap module.
> [...]
>> With the PADL pam_ldap module we can change the password but only the
>> new password is sent:
> [...]
>> Did i missed an option or is this a bug?
> This may be a bug but the exact working of the LDAP password modify EXOP
> request is scarcely document (RFC 3062 contains the most useful
> information).
> Anyway, I have changed the code to first try a password modification
> without the old password and if that fails retry it with the old
> password. Attached is a patch against 0.7.2 (also contains some other
> changes to that function that were applied).
> Perhaps this can be further improved. Comments are welcome.
Thanks for the patch. I will try it and let you know

Bas van der Vlies

To unsubscribe send an email to or see