The errors on the command line were:
[LDAP]: 3004-330 Your encrypted password is invalid.
3004-320 Only the system administrator can change this password.
sudo: a password is required
Some configure options were:
1.9.12p2: --prefix=/opt/freeware --sbindir=/opt/freeware/sbin --libdir=/opt/freeware/lib --libexecdir=/opt/freeware/libexec --with-pam --with-pam-login --with-aixauth --with-ldap=/opt/freeware --with-ldap-conf-file=/opt/freeware/etc/openldap/ldap.conf
So I replaced the ldap executables and libraries under /opt/freeware /bin /lib /lib64 with symbolic links to /opt/IBM/ldap/V6.3/, but nothing changed.
------------------------------
Kai Schuemann
------------------------------
Original Message:
Sent: Fri February 17, 2023 04:40 PM
From: Kai Schuemann
Subject: sudo ldap errno 13
Hello,
I installed sudo_ids-1.9.12p2-1.aix7.1.ppc.rpm to use with /opt/IBM/ldap/V6.3/ on AIX 7.1 TL5 SP10. Had to install openldap-2.4.58-4.aix7.1.ppc.rpm as a prerequisite, but the IBM ldap still works and I can connect with my personal account being authorized via it. But when changing to root via sudo rootsh, I am getting "a password is required". The debug log seems to tell me that sudo does connect to ldap, but is getting an authentication failure caused by "13 Permission denied". Where does this error 13 come from? Please see the excerpt from the debug log attached.
Thank you very much,
Kai
------------------------------
Kai Schuemann
------------------------------