On 11/06/2012 07:00 AM, 389-users-request(a)lists.fedoraproject.org wrote:
> Send 389-users mailing list submissions to
> 389-users(a)lists.fedoraproject.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
> or, via email, send a message with subject or body 'help' to
> 389-users-request(a)lists.fedoraproject.org
>
> You can reach the person managing the list at
> 389-users-owner(a)lists.fedoraproject.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of 389-users digest..."
>
>
> Today's Topics:
>
> 1. Re: 389-users Digest, Vol 90, Issue 2 (albert.solaris)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 05 Nov 2012 12:05:13 -0500
> From: "albert.solaris" <albert.solaris(a)gmail.com>
> To: 389-users(a)lists.fedoraproject.org
> Subject: Re: [389-users] 389-users Digest, Vol 90, Issue 2
> Message-ID: <5097F1C9.4070009(a)gmail.com>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>
> On 11/02/2012 08:00 AM, 389-users-request(a)lists.fedoraproject.org wrote:
>> Send 389-users mailing list submissions to
>> 389-users(a)lists.fedoraproject.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>> or, via email, send a message with subject or body 'help' to
>> 389-users-request(a)lists.fedoraproject.org
>>
>> You can reach the person managing the list at
>> 389-users-owner(a)lists.fedoraproject.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of 389-users digest..."
>>
>>
>> Today's Topics:
>>
>> 1. LDAP authentication related - CANNOT change password by
>> running passwd on clients (albert.solaris)
>> 2. Re: LDAP authentication related - CANNOT change password by
>> running passwd on clients (Dan Lavu)
>> 3. Re: LDAP authentication related - CANNOT change password by
>> running passwd on clients (Grzegorz Dwornicki)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Thu, 01 Nov 2012 16:02:39 -0400
>> From: "albert.solaris" <albert.solaris(a)gmail.com>
>> To: 389 Mail list <389-users(a)lists.fedoraproject.org>
>> Subject: [389-users] LDAP authentication related - CANNOT change
>> password by running passwd on clients
>> Message-ID: <5092D55F.8020001(a)gmail.com>
>> Content-Type: text/plain; charset="iso-8859-1";
Format="flowed"
>>
>> I am stuck in the 389 DS implementation, hope someone could help me out.
>>
>> My situation is that I am trying to establish a cute enterprise
>> environment with VMWorkstation and CentOS. All guest OSs are CentOS6.3
>> based. So far I have got DNS, DHCP, Gateway, File server worked
>> perfectly; However, the 389 LDAP server here, Hmm... I would say it is
>> partially working. And this is also where you come in.
>>
>> What does it mean by 'partially working' exactly? Let me tell you.
>>
>> What happened here is that I've installed and configured 389 DS without
>> SSL/TLS enable, migrated local users on my file server to the LDAP
>> already. Now, from my DHCP clients, also LDAP clients, I can retrieve
>> information within the LDAP server by running ldapsearch, I can even
>> change to regular users (i.e. user1/user2/.../user10 created on the file
>> server) with Autofs home directory mounted automatically. Somehow, I
>> cannot change password by running passwd command.
>>
>> Here is what I got when changing.
>> [root@dhcpclient sssd]# /su - user1/
>> [user1@dhcpclient ~]$
>> [user1@dhcpclient ~]$ /passwd/
>> Changing password for user user1.
>> Current Password:
>> passwd: Authentication token manipulation error
>> [user1@dhcpclient ~]$
>>
>> I am new to Linux, so have no idea about the reason behind that. Is it
>> a LDAP acl issue, or sssd configuration issue, or security pam issue, or
>> whatever else.
>>
>> If you could help me out, that would be great. Please let me know if
>> you want any configuration files from me. I don't want to attach
>> everything here to scare you.
>>