Re: [Samba] AD DC LDAP support for the 'password change' extended operation
On Thu, 2013-02-07 at 08:25 +1100, Andrew Bartlett wrote: On Mon, 2013-02-04 at 10:31 +0100, Luis Angel Fernandez Fernandez wrote: ldappasswd -d4 -h 192.168.0.137 cn=juan.lapuerta,ou=alisys.net ,dc=aliratiun,dc=tic ldap_build_search_req ATTRS: supportedSASLMechanisms SASL/GSSAPI authentication started SASL username: administra...@aliratiun.tic SASL SSF: 56 SASL data security layer installed. Result: Protocol error (2) Additional info: Extended Operation(1.3.6.1.4.1.4203.1.11.1) not supported But I think I read somewhere that that extended operation is supported. I can help on this part of the question: No, the extended operation is not supported - it remains a wishlist item that one of our developers was working on at some point, but has not progressed beyond that. Luis, that is Bug#5611 https://bugzilla.samba.org/show_bug.cgi?id=5611 -- Adam Tauno Williams System Administrator, OpenGroupware Developer, LPI / CNA Fingerprint 8C08 209A FBE3 C41A DD2F A270 2D17 8FA4 D95E D383 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] AD DC LDAP support for the 'password change' extended operation
2013/2/6 Andrew Bartlett abart...@samba.org I can help on this part of the question: No, the extended operation is not supported - it remains a wishlist item that one of our developers was working on at some point, but has not progressed beyond that. First of all, thank you for your answer. I think I don't understand what's happening with my setup then. Using this ldapadmin (http://www.ldapadmin.org/index.html) client I could create a password for one dn I made up (CN=luisangel.fernandez,OU=alisys.net,OU=dominios,DC=aliratiun,DC=tic). Does ldapadmin use any other extension to change the password? And do you have any idea what could I have been changed so it's not working anymore? I know, it's a weird question, but I don't know what else to do. Using wireshark I get an STATUS_CONNECTION_REFUSED as response to a NT Create AndX request with \samr as path. I get that just before ldapadmin shows a dialog saying that RPC server is unavailable. And in samba logs nothing seems wrong. -- Linkedin profile (http://es.linkedin.com/in/lafdez) G+ profile (https://plus.google.com/u/0/115320207805121303027/about) Twitter (@lafdez @_lafdez_) Identi.ca (@lafdez) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] AD DC LDAP support for the 'password change' extended operation
On Mon, 2013-02-04 at 10:31 +0100, Luis Angel Fernandez Fernandez wrote: Hi! I'm trying to use the internal LDAP provided by Samba4 to store mail domains used by SOGo. I have two sets of users. Those used by Samba and created through samba-tool and those created under some ou I have made up. A few days ago I was able to change the latter users passwords using ldapadmin (a windows LDAP client) but today I am not. When I try to change a password I get an error message like RPC server unavailable. And I have another problem with LDAP. I have to use ldapadmin to change users' password because ldappasswd gives me this error: ldappasswd -d4 -h 192.168.0.137 cn=juan.lapuerta,ou=alisys.net ,dc=aliratiun,dc=tic ldap_build_search_req ATTRS: supportedSASLMechanisms SASL/GSSAPI authentication started SASL username: administra...@aliratiun.tic SASL SSF: 56 SASL data security layer installed. Result: Protocol error (2) Additional info: Extended Operation(1.3.6.1.4.1.4203.1.11.1) not supported But I think I read somewhere that that extended operation is supported. I can help on this part of the question: No, the extended operation is not supported - it remains a wishlist item that one of our developers was working on at some point, but has not progressed beyond that. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba