[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    [pamldap] AD Password Change INSUFF_ACCESS_RIGHTS
From:       "Roney Duilio Stein" <roney () kaizen ! com ! br>
Date:       2003-01-30 16:51:33
[Download RAW message or body]


Hello,

I have a RH 8 authenticating users in an Active Directory base. When a user
tries to change the password he gets this error message:

LDAP password information update failed: Unknown error
00000005: SecErr: DSID-03190C34, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Of course there's no hint on the windows side. The communication occurs all
over port 636.

If anyone knows something about it, please let me know.

The ldap.conf file is:

host LDAP.kaizen.ldap
base DC=kaizen,DC=ldap
ldap_version 3
binddn CN=Administrator,CN=Users,DC=kaizen,DC=ldap
bindpw  kaizen
scope sub
pam_filter objectclass=user
pam_login_attribute sAMAccountName
pam_password ad
nss_base_passwd dc=kaizen,dc=ldap?sub
nss_base_shadow dc=kaizen,dc=ldap?sub
nss_base_group  dc=kaizen,dc=ldap?sub
nss_map_objectclass posixAccount User
nss_map_attribute uid sAMAccountName
nss_map_attribute uniqueMember Member
nss_map_attribute userPassword msSFUPassword
nss_map_attribute homeDirectory msSFUHomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute cn sAMAccountName
ssl yes


Thank you in advance,

--
Roney Stein
roney@kaizen.com.br
Kaizen Consultoria e Servicos Ltda
+55-19-3834-1255
[prev in list] [next in list] [prev in thread] [next in thread]