On Tue, 8 Jul 2003, Yossef Korang wrote:
I'm still having difficult with changing the password for a user. I've
looked at the logs, error messages, and through debugging(and give them
below), and I have no clue what the problem could be. Any help at
resolving this problem would be much appreciated as I cannot see what is
causing the problem in the first place...
slapd debug:
[...]
=> access_allowed: auth access to
"uid=yossefk,dc=solomon,dc=physics,dc=sc,dc=edu" "userPassword" requested
=> acl_get: [1] check attr userPassword
<= acl_get: [1] acl uid=yossefk,dc=solomon,dc=physics,dc=sc,dc=edu attr:
userPassword
=> acl_mask: access to entry
"uid=yossefk,dc=solomon,dc=physics,dc=sc,dc=edu",
attr "userPassword" requested
=> acl_mask: to all values by "", (=n)
That's the default "deny all" clause... Now it goes through your clause
in sequence...
<= check a_dn_pat: uid=root,dc=solomon,dc=physics,dc=sc,dc=edu
=> string_expand: pattern: uid=root,dc=solomon,dc=physics,dc=sc,dc=edu
=> string_expand: expanded: uid=root,dc=solomon,dc=physics,dc=sc,dc=edu
=> regex_matches: string:
=> regex_matches: rc: 1 no matches
...root: no match
<= check a_dn_pat: anonymous
<= acl_mask: [2] applying auth(=x) (stop)
<= acl_mask: [2] mask: auth(=x)
=> access_allowed: auth access granted by auth(=x)
...anonymous: match (end of game...)
[...]
ACL's in slapd.conf:
access to attribute=userPassword
by dn="uid=root,dc=solomon,dc=physics,dc=sc,dc=edu" write
by anonymous auth
by self write
by * auth
access to * by * read
Try changing this to:
access to attribute=userPassword
by dn="uid=root,dc=solomon,dc=physics,dc=sc,dc=edu" write
by self write
by * read
by anonymous auth
Craig
After making those changes, I still have the same problem. Thanks for your
input though, and any other suggestions would be appreciated to try to resolve
this problem.