[Date Prev][Date Next] [Chronological] [Thread] [Top]

Changing User Password with ldappasswd

To: openldap-software@OpenLDAP.org
Subject: Changing User Password with ldappasswd
From: thomas.emde@scaleon.de
Date: Wed, 30 Jan 2002 14:10:37 +0100
Sensitivity:

Hello,

I try to change the attr userPassword of an ldap db entry being logged on as the
user represented by the entry itself.
So when a user enters "ldappasswd -W -D 'cn=Admin, o=my organization, c=D'
'uid=userid'" he is asked for the rootpw
and afterwards can successfully change his password. But this is not what I
intended because I don't want to tell my
users the rootpw of the ldap db.
my access control section in slapd.conf looks as follows:

access to dn=".*, o=my organization, c=D" attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=Admin,o=my organization, c=D" write
        by * none

I understood that by specifying "...by self write..." every user who is
represented by a ldap entry should be able to modify
his attr userPassword WITHOUT having to know the rootpw.
Is this wrong? How can I get around with this?

best regards,
Thomas

Prev by Date: Base dn included with host name
Next by Date: Re: Base dn included with host name
Index(es):
- Chronological
- Thread