nerdexam
CompTIA

LX0-104 · Question #184

In order for pam_ldap to be capable of changing a user's password in Active Directory, the pam_password parameter must be set to

The correct answer is A. ad. For pam_ldap to successfully change a user's password in Active Directory, the pam_password parameter needs to be specifically configured with the value ad.

Security

Question

In order for pam_ldap to be capable of changing a user's password in Active Directory, the pam_password parameter must be set to

Options

  • Aad
  • Bwin
  • Cactive_directory
  • Dldap

How the community answered

(56 responses)
  • A
    95% (53)
  • B
    4% (2)
  • D
    2% (1)

Why each option

For `pam_ldap` to successfully change a user's password in Active Directory, the `pam_password` parameter needs to be specifically configured with the value `ad`.

AadCorrect

When pam_ldap is configured to interact with Microsoft Active Directory for password changes, it requires a specific setting for pam_password to ensure it uses the correct password modification protocol compatible with AD. Setting pam_password ad tells pam_ldap to use the Active Directory-specific password change mechanism.

Bwin

win is not a recognized value for the pam_password parameter to enable Active Directory password changes.

Cactive_directory

active_directory is not a recognized value for the pam_password parameter; the correct specific value for AD is ad.

Dldap

ldap as a value for pam_password typically refers to the standard LDAP password modification operation, which might not be fully compatible with Active Directory's specific requirements for password changes.

Concept tested: pam_ldap Active Directory password change configuration

Source: https://manpages.debian.org/unstable/libpam-ldap/pam_ldap.conf.5.en.html

Topics

#PAM#pam_ldap#Active Directory#Password management

Community Discussion

No community discussion yet for this question.

Full LX0-104 Practice