Re: How To set things up to allow users to change their passwords

Sat, 05 Dec 2009 16:33:31 -0800 

Robert Heller wrote:

At Sat, 05 Dec 2009 21:12:14 +0100 Zdenek Styblik<[email protected]>  wrote:



Robert Heller wrote:

At Sat, 05 Dec 2009 19:41:26 +0100 Zdenek Styblik<[email protected]>  wrote:


Robert Heller wrote:

At Sat, 05 Dec 2009 18:29:55 +0100 Zdenek Styblik<[email protected]>  wrote:


Robert Heller wrote:

At Sat, 05 Dec 2009 09:12:46 +0100 "Dieter Kluenter"<[email protected]>  
wrote:


Robert Heller<[email protected]>  writes:


I have Openldap set up on a CentOS 5 system (using the stock 2.3.43
RPMS) and I want to allow users to change their passwords, but I am
confused by the documentation (it has both too much and not enough
information -- there don't appear to be simple HowTos for common setups).

http://www.openldap.org/doc/admin24/slapdconfig.html
  see section 6.3

OK, I have set this up, and with some poking around I have gained a
better unterstanding of what is going on.  I have another question:

In the sample config it has an access control list that looks like:

access to attrs=userPassword
        by self write
        by anonymous auth
        by dn.base="cn=Admin,dc=example,dc=com" write
        by * none

Where does the password for "cn=Admin,dc=example,dc=com" exist?  Is this
something a add to slapd.config or insert into the database or ???
The text of the example refers to the "admin" entry. Obviously an "entry" refers to an entry in the database. 


Well, ok then. Btw you're reading guide for 2.4.x (and you have 2.3.x).


Yes, I know.
We've stated time and time again, use the docs that came with the version of the software you're running. You're being deliberately obtuse here. 


I'm using CentOS (RHEL).



I don't need a heavyweight application and I would prefer something that
is installed from a CentOS/RHEL repository, rather than installed from
source -- that is something under the O/S's package management system.
Then go waste RedHat's time, not ours. 2.3 has been phased out. 2.4 has been available since 2007. If you want to use the outdated stuff your vendor provides, then you should be getting support from your vendor as well. 

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Reply via email to