[Date Prev][Date Next] [Chronological] [Thread] [Top]

posixAccount entries under People

To: openldap-software@OpenLDAP.org
Subject: posixAccount entries under People
From: "Diego A. Puertas F." <dpuertas@uc.edu.ve>
Date: Tue, 28 May 2002 09:32:42 +0000
Organization: RedUC

Hi everyone, I've the following problem:


When the users entries (posixAccount) are placed directly under
people everything works fine:

People
  |
  +-Peter
  |
  +-Alicia
  |
  +-John


But when the inmediate parent of the user entries is not the entry
"People", users can't login successfully unless I set an ACL in the
file /etc/openldap/slapd.con that gives read access to an anonymous
user over the attribute userPassword. Also, users cannot change their
passwords; when they try to, this is what happens:

  bash-2.05a$ passwd
  Changing password for user dpuertas.
  passwd: Authentication token manipulation error
  bash-2.05a$

I've the following directory structure in the People branch, and I
suffer both problems (login and password change):

People

  +-OrgUnit1
  |   |
  |   +-User1
  |   |
  |   +-User2
  |
  +-OrgUnit2
      |
      +-User3
      |
      +-User4


What can I do, I've been strugling with this problem for 2 weeks only
to realize that the source of the problem was the placement of the
entries, now I can't find a way to solve it. Help!


-- 
Ing. Diego A. Puertas Fernández
     Analista Programador
Universidad de Carabobo   RedUC
     Usuario Linux #114434

Follow-Ups:
- Re: posixAccount entries under People
  - From: M.vanDorp@wiwo.nl

Prev by Date: Re: ldap_add: Already exists
Next by Date: Re: posixAccount entries under People
Index(es):
- Chronological
- Thread