Re: libpam_ldap question and password change
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: libpam_ldap question and password change
- From: Bas van der Vlies <basv [at] sara.nl>
- To: Arthur de Jong <arthur [at] arthurdejong.org>
- Cc: "nss-pam-ldapd-users [at] lists.arthurdejong.org" <nss-pam-ldapd-users [at] lists.arthurdejong.org>
- Subject: Re: libpam_ldap question and password change
- Date: Mon, 22 Feb 2010 11:27:57 +0100
On 17-02-10 21:52, Arthur de Jong wrote:
On Tue, 2010-02-16 at 14:38 +0100, Bas van der Vlies wrote:
I am trying to replace the PADL libpam_ldap software. My setup is:
debian: lenny
openldap: 2.4.11-1+lenny1
nss-ldap: 0.7.2
I can login on the node with a LDAP user. The only problem is that i
can not change my password with this new pam_ldap module.
[...]
With the PADL pam_ldap module we can change the password but only the
new password is sent:
[...]
Did i missed an option or is this a bug?
This may be a bug but the exact working of the LDAP password modify EXOP
request is scarcely document (RFC 3062 contains the most useful
information).
Anyway, I have changed the code to first try a password modification
without the old password and if that fails retry it with the old
password. Attached is a patch against 0.7.2 (also contains some other
changes to that function that were applied).
Perhaps this can be further improved. Comments are welcome.
I just test the patch and it fixes the problem.
Thanks
--
********************************************************************
* Bas van der Vlies e-mail: basv@sara.nl *
* SARA - Academic Computing Services Amsterdam, The Netherlands *
********************************************************************
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users
