> > On Wed, 2004-05-12 at 12:47, Mark A. Hoover wrote: > >>I'm hoping there's somebody out there with some LDAP experience. I've >>run across something for which I haven't found an answer on Google. >> >>I recently tried to use the passwd lock function on an account and >>received the following: >> >>[root@testbox root]$ passwd -l tuser >>Locking password for user tuser. >>passwd: Error (password not set?) >> >>The username exists and I can login as that user. I can also change the >>user's password without any problems. >> >>[root@testbox root]$ passwd tuser >>Changing password for user tuser. >>New password: >>Retype new password: >>LDAP password information changed for tuser >>passwd: all authentication tokens updated successfully. >> >> >>Any ideas? >> >> >>-- >>----------------------------------------------------- >>Mark Hoover >>mahoover@xxxxxxxxxxxxxxxx >> > > >
Dan wrote:
I dont think passwd has any ldap capabilities, so attempting to lock an account stored in LDAP using passwd(1) wont work.
I tried this here and got the same error as you. strace seems to show passwd looking in /etc/passwd for the given user.
Dan
Passwd will use LDAP if it's configured in /etc/nsswitch.conf.
However, it seems that the -l option doesn't do so, and fails if the account isn't found in /etc/passwd.
Is it a bug, or is it a "feature"?
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw@xxxxxxxxxxxx
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555