passwd fails
Hi guys,
my ldapserver works fine now, but the first users are arriving.
The normal user should change their own password. So, everyone thinks of
passwd in the shell.
But:
LDAP password information update failed: Insufficient access
Must supply old password to be changed as well as new one
Here is my ACL:
olcAccess: {0} to attrs=pwdChangedTime,pwdAccountLockedTime,pwdFailureTime,pwdHistory,pwdGraceUseTime,pwdReset
  by * none
olcAccess: {1}to attrs=userPassword
  by self write
  by * auth
olcAccess: {2}to attrs=shadowLastChange
  by self write
  by dn.base="cn=BINDUSER,dc=MY,dc=DC" read
  by users read
  by * auth
olcAccess: {3}to attrs=userPKCS12
  by self read
  by * none
olcAccess: {4}to *
  by dn.base="cn=BINDUSER,dc=MY,dc=DC" read
  by * none
I tried the same with
olcAccess: {4}to *
  by * read
and allowing anonymous binds, but same error.
passwd seems to try to bind with the binduser and then to read and to
write the userPassword, but only has auth access.
Has anyone an idea how to enable this?
Thanks a lot.
Holger
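
Added example, not part of the original message and not OpenLDAP code: a simplified Python model of slapd's first-match evaluation (first matching "to" clause, then first matching "by" clause, implicit "by * none") applied to the ACL posted above. The DN uid=alice,ou=people,dc=MY,dc=DC is a constructed sample user; attribute names are compared case-sensitively for brevity.

```python
# Simplified model of slapd access evaluation (added example, not OpenLDAP code).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]
BINDUSER = "cn=BINDUSER,dc=MY,dc=DC"        # DN taken from the post
ALICE = "uid=alice,ou=people,dc=MY,dc=DC"   # constructed sample user

# The posted rules {0}..{4}: (attribute set or None for "*", ordered by-clauses).
ACL = [
    ({"pwdChangedTime", "pwdAccountLockedTime", "pwdFailureTime",
      "pwdHistory", "pwdGraceUseTime", "pwdReset"}, [("*", "none")]),
    ({"userPassword"}, [("self", "write"), ("*", "auth")]),
    ({"shadowLastChange"}, [("self", "write"), (BINDUSER, "read"),
                            ("users", "read"), ("*", "auth")]),
    ({"userPKCS12"}, [("self", "read"), ("*", "none")]),
    (None, [(BINDUSER, "read"), ("*", "none")]),
]

def who_matches(who, bound_dn, entry_dn):
    """bound_dn is None for an anonymous connection."""
    if who == "*":
        return True
    if bound_dn is None:
        return False                      # self/users/dn.base need a bound identity
    if who == "self":
        return bound_dn.lower() == entry_dn.lower()
    if who == "users":
        return True                       # any authenticated identity
    return bound_dn.lower() == who.lower()  # dn.base match

def granted(bound_dn, entry_dn, attr, acl=ACL):
    """Access level the first matching rule gives bound_dn on entry_dn's attr."""
    for attrs, clauses in acl:
        if attrs is not None and attr not in attrs:
            continue
        for who, level in clauses:
            if who_matches(who, bound_dn, entry_dn):
                return level
        return "none"                     # implicit trailing "by * none"
    return "none"                         # implicit final "to * by * none"

def allowed(bound_dn, entry_dn, attr, needed):
    """True when the granted level is at least the level the operation needs."""
    return LEVELS.index(granted(bound_dn, entry_dn, attr)) >= LEVELS.index(needed)

if __name__ == "__main__":
    for who in (ALICE, BINDUSER, None):
        print(who or "anonymous", "->", granted(who, ALICE, "userPassword"))
```

Under the posted rules only a connection bound as the entry's own DN gets write on userPassword; the bind user and anonymous connections stop at auth.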