Am Wed, 21 Dec 2011 13:47:11 +0200 schrieb Selcuk Yazar <[email protected]>:
> Hi, > > Ok > > my rule is > access to > dn.regex="^mail=([^,]+),ou=([^,]+),jvd=([^,]+),o=hosting,dc=myhosting,dc=example$" > attrs=userPassword > by > dn.exact="mail=$1,ou=$2,jvd=$3,o=hosting,dc=myhosting,dc=example" > write by > dn.exact,expand="mail=$1,ou=$2,jvd=$3,o=hosting,dc=myhosting,dc=example" > read > by dn="cn=Manager,dc=myhosting,dc=example" write > by users none > by * none > > this doesn't work , users can't change their own password. run slapacl(8) to test your access rules, or just run slapd with -dacl this will show you slapd parsing your access rules. -Dieter -- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E
