ROSA Linux Bugzilla – Bug 3108
OpenLDAP needs Heimdal Kerberos support restored!
Last modified: 2015-03-26 08:47:25 MSK
OpenLDAP does not produce smbk5pwd.la due to a decsion to compile it without Heimdal. This needs to be reversed.
While nss-ldapd is used for the nsswitch.conf uses LDAP for Authorization, actual authentication by PAM takes place with pam_krb5. smbk5pwd was used to sync up OpenLDAP Posix, Samba, and Heimdal Kerberos passwords. (Heimdal used OpenLDAP as its backend database.)
When libuser.conf was configured to utilize LDAP such that userdrake, lpasswd, luseradd, etc could alter passwords and usernames, smbk5pwd made sure those password changes all said the same thing. Now that has stopped working, because the password sync only syncs OpenLDAP and Samba, and not Heimdal. (resulting in passwords not being changed.)
Please restore the prior functionality.
We are working on it. Please see Bug 5098.
*** This bug has been marked as a duplicate of bug 5098 ***