On Sat, 2008-04-05 at 20:27 -0700, Umar wrote: > Deer Members! > > I just tried to change ldap password using ldappasswd from my ldap client > but I got the error. > > [EMAIL PROTECTED]:~$ ldappasswd -x > Result: Strong(er) authentication required (8) > Additional info: only authenticated users may change passwords > > Here is my slapd.conf file on ldap server > > access to attrs=userPassword > by dn="cn=root,dc=palmchip,dc=com" write > by self write > by anonymous read > by * none > > access to * > by dn="cn=root,dc=palmchip,dc=com" write > by self write > by users read > by anonymous read > by * none ---- supply a binddn
ldappasswd -x -D 'cn=root,dc=palmchip,dc=com' -W but my guess is that cn=root,dc=palmchip,dc=com is also your rootbinddn specified in slapd.conf which would mean 2 things... 1 - rootbinddn doesn't need benefit from ACL's because rootbinddn is super user 2 - rootbinddn password is set in slapd.conf and cannot be changed except by changing slapd.conf and restarting slapd Other things to consider... fully integrating ldap with pam would simply allow a user to change their password with the standard unix password command Craig --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
