HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

HPUX LDAP Client Fails to allow local passwd changing

 
DQ_1
Occasional Visitor

HPUX LDAP Client Fails to allow local passwd changing

I have an HPUX Version 11.11 Ldap Client and a Sun Dirctory Server. The problem is: I am using netgroups for secure access on the HP client so the parameter "passwd_compat " is being used in the nsswitch.conf file. If the passwd_compat line is used this will break local passwd changes.
Attempting to change a local passwd as root will only do a return to the command line with no action.
If I take out the passwd_compat line and just have " passwd: files ldap" This will alow root or a local user to change the local passwd.

Passwd changes to the ldap directory however work fine as root with the passwd_compat line.

Question:

How can I get local passwd changes to work at the same time using the "passwd_compat" line in the nsswitch.conf file.


Thanks
Dan
4 REPLIES
Steven E. Protter
Exalted Contributor

Re: HPUX LDAP Client Fails to allow local passwd changing

Shalom Dan,

Is your version of Ldap Client current for HP-UX.

The behavior you are encountering may be as a result of a bug.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
DQ_1
Occasional Visitor

Re: HPUX LDAP Client Fails to allow local passwd changing


Hi Steven,

Yes It is the most recent release - B.04.20

Does this release have a problem.

Thanks
Dan




Bob Neal-Joslin
Trusted Contributor

Re: HPUX LDAP Client Fails to allow local passwd changing

Hi Dan,

I have been able to duplicate your problem. And I discovered that it doesn't seem to be a problem specific to LDAP-UX, but with the passwd_compat directive itself (as you imply above.) I.E. The following nsswitch.conf directives also encounter the same problem.

passwd: compat
passwd_compat: files

I'm afraid this will require additional investigation. But I would recommend you contact your support representiative. We may have a workaround for the compat mode requirement that may solve this issue. I could also recommend you look at pam_authz (part of LDAP-UX). If all you need is the ability to perform access control.

Bob

DQ_1
Occasional Visitor

Re: HPUX LDAP Client Fails to allow local passwd changing



Thanks Bob, I have found a fix from the vendor HP , they have suggested a passwd command to work around the problem. The command is :

# passwd â r files â F /etc/passwd test3


They are still looking at this issue , but this command will work for us to get going.

Thanks
Dan