Dear Users,
I'm trying to change my own password in field userPassword with some gui and receive access denied - permission denied message.
The access rules are .. and I'm binding with "cn=benutzer1,ou=Benutzer,dc=example,dc=com"
olcAccess: {0}to * by * read by * break
olcAccess: {1}to dn.subtree="ou=Benutzer,dc=example,dc=com" attrs=userPassword by self write by * break
What do i miss?
# benutzer1, Benutzer, example.com
dn: cn=benutzer1,ou=Benutzer,dc=example,dc=com
cn: benutzer1
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: posixAccount
sn: Mustermann
gidNumber: 777
homeDirectory: /home/benutzer1
uid: benutzer1
uidNumber: 777
loginShell: /bin/bash
userPassword:: known
# {2}bdb, config
dn: olcDatabase={2}bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=example,dc=com
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=example,dc=com
olcRootPW:: known
olcSyncUseSubentry: FALSE
olcMonitoring: TRUE
olcDbCacheSize: 1000
olcDbCheckpoint: 1024 15
olcDbNoSync: FALSE
olcDbDirtyRead: FALSE
olcDbIDLcacheSize: 0
olcDbIndex: objectClass pres,eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid pres,eq,sub
olcDbIndex: uidNumber pres,eq
olcDbIndex: gidNumber pres,eq
olcDbIndex: mail pres,eq,sub
olcDbIndex: ou pres,eq,sub
olcDbIndex: loginShell pres,eq
olcDbIndex: sn pres,eq,sub
olcDbIndex: givenName pres,eq,sub
olcDbIndex: memberUid pres,eq,sub
olcDbIndex: nisMapName pres,eq,sub
olcDbIndex: nisMapEntry pres,eq,sub
olcDbLinearIndex: FALSE
olcDbMode: 0600
olcDbSearchStack: 16
olcDbShmKey: 0
olcDbCacheFree: 1
olcDbDNcacheSize: 0
olcAccess: {0}to * by * read by * break
olcAccess: {1}to dn.subtree="ou=Benutzer,dc=example,dc=com" attrs=userPassword
by self write by * break