From owner-freebsd-current@FreeBSD.ORG  Tue Nov 20 06:21:51 2007
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A597916A469;
	Tue, 20 Nov 2007 06:21:51 +0000 (UTC)
	(envelope-from ohartman@zedat.fu-berlin.de)
Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de
	[130.133.4.66])
	by mx1.freebsd.org (Postfix) with ESMTP id 452B413C469;
	Tue, 20 Nov 2007 06:21:51 +0000 (UTC)
	(envelope-from ohartman@zedat.fu-berlin.de)
Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69])
	by outpost1.zedat.fu-berlin.de (Exim 4.67) with esmtp
	(envelope-from <ohartman@zedat.fu-berlin.de>)
	id <1IuMUR-0002Yj-0K>; Tue, 20 Nov 2007 07:21:43 +0100
Received: from telesto.geoinf.fu-berlin.de ([130.133.86.198])
	by inpost2.zedat.fu-berlin.de (Exim 4.67) with esmtpsa
	(envelope-from <ohartman@zedat.fu-berlin.de>)
	id <1IuMUQ-0003ZW-Vg>; Tue, 20 Nov 2007 07:21:43 +0100
Message-ID: <47427D11.2080805@zedat.fu-berlin.de>
Date: Tue, 20 Nov 2007 06:22:09 +0000
From: "O. Hartmann" <ohartman@zedat.fu-berlin.de>
Organization: Freie =?ISO-8859-15?Q?Universit=E4t_Berlin?=
User-Agent: Thunderbird 2.0.0.6 (X11/20071101)
MIME-Version: 1.0
To: freebsd-questions@freebsd.org,  freebsd-current@FreeBSD.org
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
X-Originating-IP: 130.133.86.198
Cc: 
Subject: changing passowrd on LDAP backend?
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Nov 2007 06:21:51 -0000

Running several FreeBSD 7.0-BETA2/3 boxes with OpenLDAP 2.3.39-backend 
drove me into a problem:
No local user is capable of neither changing his password nor shell or 
GECOS although this is allowed by users to do in LDAP ACLs.
Looking for a solution in mailing lists I found only one - patching 
usr.bin/passwd/passwd.c. Doing so, users were capable of changing their 
passwords on LDAP backedn. Without this "patch" (simply commenting out a 
line and inserting a fprintf()-line for convenience) someone will get an 
error message only local users may change their passwords.

So, what is wrong with passwd.c not to be capable of changing passwords 
with an OpenLDAP backend by default?

Regards,
Oliver