LX0-104 · Question #184
In order for pam_ldap to be capable of changing a user's password in Active Directory, the pam_password parameter must be set to
The correct answer is A. ad. For pam_ldap to successfully change a user's password in Active Directory, the pam_password parameter needs to be specifically configured with the value ad.
Question
Options
- Aad
- Bwin
- Cactive_directory
- Dldap
How the community answered
(56 responses)- A95% (53)
- B4% (2)
- D2% (1)
Why each option
For `pam_ldap` to successfully change a user's password in Active Directory, the `pam_password` parameter needs to be specifically configured with the value `ad`.
When pam_ldap is configured to interact with Microsoft Active Directory for password changes, it requires a specific setting for pam_password to ensure it uses the correct password modification protocol compatible with AD. Setting pam_password ad tells pam_ldap to use the Active Directory-specific password change mechanism.
win is not a recognized value for the pam_password parameter to enable Active Directory password changes.
active_directory is not a recognized value for the pam_password parameter; the correct specific value for AD is ad.
ldap as a value for pam_password typically refers to the standard LDAP password modification operation, which might not be fully compatible with Active Directory's specific requirements for password changes.
Concept tested: pam_ldap Active Directory password change configuration
Source: https://manpages.debian.org/unstable/libpam-ldap/pam_ldap.conf.5.en.html
Topics
Community Discussion
No community discussion yet for this question.