Bug 3108 - OpenLDAP needs Heimdal Kerberos support restored!
: OpenLDAP needs Heimdal Kerberos support restored!
Status: RESOLVED DUPLICATE of bug 5098
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Fresh
: All Linux
: Normal normal
: ---
Assigned To: Alexey Ivanov
: ROSA Linux Bugs
Depends on:
  Show dependency treegraph
Reported: 2013-11-10 20:25 MSK by Zombie Ryushu
Modified: 2015-03-26 08:47 MSK (History)
1 user (show)

See Also:
RPM Package: openldap-servers
Bad POT generating:


Note You need to log in before you can comment on or make changes to this bug.
Description Zombie Ryushu 2013-11-10 20:25:10 MSK
OpenLDAP does not produce smbk5pwd.la due to a decsion to compile it without Heimdal. This needs to be reversed. 


While nss-ldapd is used for the nsswitch.conf uses LDAP for Authorization, actual authentication by PAM takes place with pam_krb5. smbk5pwd was used to sync up OpenLDAP Posix, Samba, and Heimdal Kerberos passwords. (Heimdal used OpenLDAP as its backend database.)

When libuser.conf was configured to utilize LDAP such that userdrake, lpasswd, luseradd, etc could alter passwords and usernames, smbk5pwd made sure those password changes all said the same thing. Now that has stopped working, because the password sync only syncs OpenLDAP and Samba, and not Heimdal. (resulting in passwords not being changed.)

Please restore the prior functionality.
Comment 1 Alexey Ivanov 2015-03-26 08:47:25 MSK
We are working on it. Please see Bug 5098.

*** This bug has been marked as a duplicate of bug 5098 ***