[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: change password not possible for all users



Jürgen Magin a écrit :

Hi list

I have an issue with ACL's  for attribute userPassword .

The entry in slapd.conf  is
access to attr=userPassword
       by self write
       by anonymous auth
       by dn="cn=Manager,dc=rfsystems,dc=de" write
       by * none

For a user like
   "cn=Nobody,dc=rfsystems,dc=de"
it is possible to change the his password, but a user like
   "cn=Nobody,ou=sales,dc=rfsystems,dc=de"
it is not.
I tried several entries for userPassword, but it doesn't work.
What do i wrong.
Any advice is appreciated.


ps: please, don'T tell me read slapd.access or something like that. I tried it before.

Is there any other ACL rule before that one ? When openldap processes ACL it stops to the first acl which what close fits .