Hi,

I am using PLA to have my users manage their own passwords. For that I 
used a stripped down template, just showing the userPassword attribute.

I have the users log in with their own account in PLA (authentication of 
type "session"). When they try to change their password, they get a 
"0x32 (LDAP_INSUFFICIENT_ACCESS)" error, which really is a LDAP 50 
error, meaning they have no access to attributes.

I know for a fact that they DO have rights to change their own password 
(tested with ldap admin tool), but I noticed that LPA not only tries to 
change userPassword,  but also objectClass. From the logs on the LDAP 
server:

Feb  3 14:48:37 lx06 slapd[9068]: conn=37 op=4 MOD attr=objectclass 
userpassword
Feb  3 14:48:37 lx06 slapd[9068]: conn=37 op=4 RESULT tag=103 err=50 text=

To the objectClass attribute they obviously have no rights, but why is 
PLA trying to change that? Can I fix it?

thx,

B.


------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
phpldapadmin-users mailing list
phpldapadmin-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpldapadmin-users

Reply via email to