password plugin: using LDAP EXOP for changing passwords (RFC3062)
|Reported by:||timeos||Owned by:|
|Severity:||normal||Keywords:||ldap exop, password|
Description (last modified by alec)
please append EXOP (ldap EXtended OPeraton) form of change password operation in LDAP. It's due to password syncing along multiple password attributes (userPassword, sambaLMpassword, sambaNTpassword, kerberos pass) through openLDAP trigger named smbk5pwd. this trigger is only triggered by ldap passwd exop operation. when that operation is catched by this trigger, it's responsible for automatic change of all password attributes for specific user.