-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
One more thing before I forget, if you have a password sufficient pam_ldap.so ... statement in the appropriate /etc/pam.d/... file, with the appropriate defaults in /etc/ldap.conf, then users should be able to use the standard unix 'passwd' command. Warnings: pam_ldap didn't used to set the shadow_last_changed ldap attribute. So expired passwords stayed expired no matter how many times they were changed. This was two years ago+ though, so test it and it might be fixed. insure that if you're working from a master - slave ldap replication environment that your slaves properly give referrals to your masters, and that your clients follow referrals. Luck, - -- Pat CHAPLIN, JAMES (CTR) wrote: > We are trying to allow users to change their mainframe password through > LDAP via ldappasswd command: > > > > home/user1)#ldappasswd -A -S -H ldap://hostname:port# user1 > > Old password: > > Re-enter old password: > > New password: > > Re-enter new password: > > SASL/EXTERNAL authentication started > > ldap_sasl_interactive_bind_s: Unknown authentication method (-6) > > additional info: SASL(-4): no mechanism available: > > > > We are using Top Secret on the mainframe; we have IBM LDAP on the > mainframe with NATIVEAUTH active (so it is getting the password directly > from Top Secret). However this command is failing to change the Top > Secret stored password. Any suggestions where to look or make changes to > resolve this? > > > > James Chaplin > > Systems Programmer, MVS, zVM & zLinux > > Base Technologies, Inc > > Supporting the zSeries Platform Team > > > > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknLoDAACgkQNObCqA8uBsy/CACgntk5lD1zZQbaLZMMrxkouQEl ONYAnR+8c6W6H4r8+RGHXcrX/m51VouP =c1IP -----END PGP SIGNATURE----- ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390