Just in case someone has the same problem; Apparently you need to change something in the slapd.conf of the server and add the following:<br>access to attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdMustChange,sambaPwdLastSet<br>
by dn="cn=admin,dc=workgroup" write<br> by self write<br> by anonymous auth<br> by * none<br><br>access to attrs=shadowLastChange,shadowMax<br> by dn="cn=admin,dc=workgroup" write<br> by self write<br>
by * read<br><br>I cant say if it works since I did somthing else. What I did is I downloaded an LDAP GUI from LDAPsoft and used the SQL editor to change shadowMax field to 0 for all users. That removed the expired password issue.<br>
<br><br><br><div class="gmail_quote">On Wed, Jan 6, 2010 at 10:40 AM, Nicolas Roussi <span dir="ltr"><<a href="mailto:nroussi@gmail.com">nroussi@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi everyone,<br>I have an LDAP server and a few edubuntu servers as LDAP clients. The LDAP users login through the thin clients and everything works perfectly but when their passwords expire, they cannot change them through the login interface. They receive a message that "Your password has expired and you need to change it.". Then they type their new password and confirm it but it just kicks back to the login screen. I know it has something to do with some pam settings but I cant figure it out. Does anyone have any solutions?<br>
<br>Thanks<br clear="all"><br>-- <br><font color="#888888">Nicolas Roussi<br>
</font></blockquote></div><br><br clear="all"><br>-- <br>Nicolas Roussi<br>