I use OpenLDAP 2.3.11, Heimdal Kerberos, Fedora 4.
 
Login is authenticated through Kerberos and I use LDAP for user info (instead of NIS).
 
The problem is I cannot change the password for any authenticated user using GSSAPI, even with the rootdn.
I tried to use -x and it worked only with the rootdn.
 
Here is my ACL file (manager is my rootdn):
*************************************************************************************************************************
access to dn.regex="uid=(.*),ou=People,dc=test,dc=domain,dc=mydomain,dc=org" attrs=userPassword
    by dn="cn=Manager,dc=test,dc=domain,dc=mydomain,dc=org" write
    by self write
    by * auth
access to dn.regex="uid=(.*),ou=People,dc=test,dc=domain,dc=mydomain,dc=org"
    by * read
access to dn.regex="uid=(.*),ou=People,dc=test,dc=domain,dc=mydomain,dc=org"
    by self write
    by * read
*************************************************************************************************************************
 
And here is the error:
**************************************************************************************************************************
ldappasswd -Y GSSAPI  -S "uid=sonne,ou=People,dc=test,dc=domain,dc=mydomain,dc=org "
New password:
Re-enter new password:
SASL/GSSAPI authentication started
SASL username: [EMAIL PROTECTED]
SASL SSF: 56
SASL installing layers
Result: Insufficient access (50)
*****************************************************************************
 
I hope you can help!
Thanks a lot,
Amir Saad
Software Engineer
