
Wheezy Gosa² setup



Hi,

Concerning Wolfgang's work on the GOsa setup for wheezy, which I
currently do for debian-lan, I found the following, which I would like
to share to avoid duplicate debugging.

I had to modify the variable name to be sent to gosa-sync:


  <pathMenu>
       <plugin
       acl="users/netatalk:self,users/environment:self,users/posixAccount:self,users/kolabAccount:self,users/php
       <plugin acl="users/password:self" class="password"
-             postmodify="USERPASSWORD=%userPassword /usr/bin/sudo
       /usr/local/sbin/gosa-sync %dn"
+             postmodify="USERPASSWORD=%new_password /usr/bin/sudo
       /usr/local/sbin/gosa-sync %dn"
      />
   </pathMenu>
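
Review bot: on the added postmodify line, %new_password is substituted unquoted into the command string, so a password containing whitespace or shell metacharacters would change how the line is parsed if the hook is run through a shell and GOsa does not escape the value first; quote the assignment or confirm the escaping before relying on it. USERPASSWORD also has to survive /usr/bin/sudo, which resets the environment by default, so this hook only works together with a sudoers entry that keeps the variable (env_keep), and that dependency deserves a comment next to the hook. The change also leaves open why %userPassword carries the hash here, which should be recorded with the fix.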


If I don't do that, I end up with the hash in the variable, making
gosa-sync fail.  If you don't need that, it would be rather interesting to
find out why it's needed here.

In addition, and for your information, I filed
http://bugs.debian.org/698544 on the use of SASL instead of ssha as
"password hash" in GOsa.  Using SASL would allow authenticating logins
to GOsa with Kerberos authentication.  The password hashes would
only be stored in Kerberos, and additionally providing the hash in LDAP
wouldn't be needed anymore. kpasswd could be used for changes as well
as the GOsa interface.

Best regards,

     Andi

