On Wed, Jan 21, 2015 at 8:26 AM, David Paulsen <[email protected]> wrote:
> > > Thanks, Kiran. I was using the admin account to change the password. > > > But, when I attempted to use the user account for which I'm changing > the > > > password (instead of the admin account), I get an > > > INSUFFICIENT_ACCESS_RIGHTS error: > > > > > > LDAPException: Insufficient Access Rights (50) Insufficient Access > > > Rights > > > > > are there any ACIs affecting the below mentioned entry? > > > > > LDAPException: Server Message: INSUFFICIENT_ACCESS_RIGHTS: failed > for > > > MessageType : MODIFY_REQUEST > > > Message ID : 111 > > > Modify Request > > > Object : > 'uid=jguinn,ou=8300,ou=DVHead,dc=kewilltransport,dc=com > > > ' > > > Modification[0] > > > Operation : replace > > > Modification > > > userPassword: 0x48 0x69 0x54 0x68 0x65 0x72 0x65 0x32 > > > org.apache.directory.api.ldap.model.message.ModifyRequestImpl <at> > 8ede0d34: > > > null > > > LDAPException: Matched DN: > > > > > > > > > > > > > > > Not that I know of. I did not specifically configure any ACIs for > uid=jguinn,ou=8300,ou=DVHead,dc=kewilltransport,dc=com. Is there a way I > can check for that? I would think that by default a user logged in to > see if the parent/root entry has any ACI applied > LDAP as themselves would be able to change their password, correct? > > yes -- Kiran Ayyagari http://keydap.com
