[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Can't self write password
- To: openldap-software <openldap-software@OpenLDAP.org>
- Subject: Can't self write password
- From: Sebastian Szuber <szuber@man.poznan.pl>
- Date: Wed, 22 Aug 2001 15:14:04 +0200
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1
Hi,
I use OpenLDAP 2.0.11 and NS Java SDK to change my password.
My ACL is:
access to attrs=entry
by anonymous read
access to *
by anonymous search
by users read
by self write
In my LDAP log are lines:
Here I bind - it's OK.
Aug 22 14:05:15 pine slapd[8000]: daemon: read activity on 10
Aug 22 14:05:16 pine slapd[8000]: daemon: select: listen=6
active_threads=1 tvp=NULL
Aug 22 14:05:16 pine slapd[8001]: conn=2 op=0 BIND
dn="UID=SEBACH,DC=MAN,DC=POZNAN,DC=PL" method=128
Aug 22 14:05:16 pine slapd[8000]: daemon: select: listen=7
active_threads=1 tvp=NULL
Aug 22 14:05:16 pine slapd[8001]: => access_allowed: auth access to
"uid=sebach, dc=man,dc=poznan, dc=pl" "userPassword" requested
Aug 22 14:05:16 pine slapd[8001]: => acl_get: [1] check attr userPassword
Aug 22 14:05:16 pine slapd[8001]: => acl_get: [2] check attr userPassword
Aug 22 14:05:16 pine slapd[8001]: <= acl_get: [2] acl uid=sebach,
dc=man,dc=poznan, dc=pl attr: userPassword
Aug 22 14:05:16 pine slapd[8001]: => acl_mask: access to entry
"uid=sebach, dc=man,dc=poznan, dc=pl", attr "userPassword" requested
Aug 22 14:05:16 pine slapd[8001]: => acl_mask: to all values by "", (=n)
Aug 22 14:05:16 pine slapd[8001]: <= check a_dn_pat: anonymous
Aug 22 14:05:16 pine slapd[8001]: <= acl_mask: [1] applying search
(=scx) (stop)
Aug 22 14:05:16 pine slapd[8001]: <= acl_mask: [1] mask: search (=scx)
Aug 22 14:05:16 pine slapd[8001]: => access_allowed: auth access
granted by search (=scx)
Aug 22 14:05:16 pine slapd[8001]: conn=2 op=0 RESULT tag=97 err=0 text=
Aug 22 14:05:16 pine slapd[8000]: daemon: activity on 1 descriptors
Aug 22 14:05:16 pine slapd[8000]: daemon: activity on:
Aug 22 14:05:16 pine slapd[8000]: 10r
Aug 22 14:05:16 pine slapd[8000]:
and here I try to change my password:
Aug 22 14:05:16 pine slapd[8000]: daemon: read activity on 10
Aug 22 14:05:16 pine slapd[8000]: daemon: select: listen=6
active_threads=1 tvp=NULL
Aug 22 14:05:16 pine slapd[8001]: conn=2 op=1 MOD dn="uid=sebach,
dc=man,dc=poznan, dc=pl"
Aug 22 14:05:16 pine slapd[8000]: daemon: select: listen=7
active_threads=1 tvp=NULL
Aug 22 14:05:16 pine slapd[8001]: => access_allowed: write access to
"uid=sebach, dc=man,dc=poznan, dc=pl" "userPassword" requested
Aug 22 14:05:16 pine slapd[8001]: => acl_get: [1] check attr userPassword
Aug 22 14:05:16 pine slapd[8001]: => acl_get: [2] check attr userPassword
Aug 22 14:05:16 pine slapd[8001]: <= acl_get: [2] acl uid=sebach,
dc=man,dc=poznan, dc=pl attr: userPassword
Aug 22 14:05:16 pine slapd[8001]: => acl_mask: access to entry
"uid=sebach, dc=man,dc=poznan, dc=pl", attr "userPassword" requested
Aug 22 14:05:16 pine slapd[8001]: => acl_mask: to value by
"UID=SEBACH,DC=MAN,DC=POZNAN,DC=PL", (=n)
Aug 22 14:05:16 pine slapd[8001]: <= check a_dn_pat: anonymous
Aug 22 14:05:16 pine slapd[8001]: <= check a_dn_pat: users
Aug 22 14:05:16 pine slapd[8001]: <= acl_mask: [2] applying read
(=rscx) (stop)
Aug 22 14:05:16 pine slapd[8001]: <= acl_mask: [2] mask: read (=rscx)
Aug 22 14:05:16 pine slapd[8001]: => access_allowed: write access
denied by read (=rscx)
Aug 22 14:05:16 pine slapd[8001]: conn=2 op=1 RESULT tag=103 err=50 text=
I have a clause "access to * by self write" but I can't change my
password ! Does anyone can read this log?
Thanks,
S.
--
/*
* Sebastian Szuber, Poznan Supercomputing and Networking Center
* email: szuber@man.poznan.pl
* phone: (+48 61) 858-20-34, fax: (+48 61) 852-59-54
*
*/