--On Friday, September 18, 2020 12:38 PM -0700 Quanah Gibson-Mount
<[email protected]> wrote:
The SECOND command should be an appropiate 'ldapmodify' operation to add
pwdReset: TRUE to the user entry.
You should run these on the command line so you can gather any error(s)
returned by the utilities.
Hi Ed,
I wanted to add that the ability to modify the pwdReset attribute requires
that the operation be done with an entity that has "Manage" rights or
higher to the entry in question. You've not really provided any
information on what entity is doing the write operation (rootdn? something
else?) and what privileges that entity has. See the ldapmodify(5) man page
on how to specify that the Manage DSA IT control be specified as part of
the modification.
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
