From: openldap-technical [mailto:openldap-technical-bounces@openldap.org]
On Behalf Of Borresen, John - 0444 - MITLL Hello, My users are allowed to modify their own passwords. My ACL is set like this: olcAccess: {0} to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn.exact=”cn=admin,dc=group,dc=ldap” write by * none olcAccess: {1} to * by * read Though not the perfect configuration but it works. In yours, I don’t see the userPassword attribute. You might want to rethink this – you are exposing users passwords to everyone |