Andrew Jorgensen wrote:
I have this weird problem I need some help with (Dave, you out there still?) I have a RedHat 9 server running OpenLDAP for a group of machines. Everything works great. I'm using Directory Administrator to make the User entries. (phpLDAPAdmin is pretty cool though, I use that on another server). Anyway, my users can't change their passwords. The ACLs are set correctly (I think) and the db files are owned by the ldap server user. So I'm confused.
Here are the ACLs:
    access to dn="o=Fireball"
        by * read
    access to *
        by self write
        by users read
        by anonymous auth
    access to attribute=userPassword
        by dn="cn=Manager,o=Fireball" write
        by self write
        by * none
I'm also noticing that I don't seem to have rights to delete OU's, not even as Manager, is that right?
Okay, I think I've got it finally. I was ignoring the part where the manuals say that order is /extremely important/ in acls. Apparently if I move the userPassword part to the front of the file passwords can be changed. Ugh, er UUG.
BYU Unix Users Group http://uug.byu.edu/
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
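
Added example (not part of the original post, and not OpenLDAP code): a simplified Python model of slapd's first-match rule, where the first "access to" clause whose target matches decides, and within it the first matching "by" clause. It assumes the dn="o=Fireball" target matches every entry under o=Fireball; the user DN in the comment is constructed.

```python
# Simplified model of slapd ACL evaluation: first matching target wins,
# then the first matching "by" clause inside it. Not OpenLDAP's own code.
LEVELS = ["none", "auth", "read", "write"]

def target_matches(target, entry_dn, attr):
    kind, value = target
    if kind == "dn":    # ASSUMPTION: matches the whole subtree
        return entry_dn.lower().endswith(value.lower())
    if kind == "attr":
        return attr.lower() == value.lower()
    return kind == "*"

def who_matches(who, bind_dn, entry_dn):
    if who == "*":
        return True
    if who == "anonymous":
        return bind_dn is None
    if bind_dn is None:
        return False
    if who == "users":
        return True
    if who == "self":
        return bind_dn.lower() == entry_dn.lower()
    return bind_dn.lower() == who.lower()   # explicit DN

def access_level(acls, bind_dn, entry_dn, attr):
    for target, by_clauses in acls:
        if not target_matches(target, entry_dn, attr):
            continue
        for who, level in by_clauses:
            if who_matches(who, bind_dn, entry_dn):
                return level
        return "none"   # implicit "by * none" ends every clause
    return "none"       # implicit "access to * by * none" ends the list

def can_write(acls, bind_dn, entry_dn, attr):
    level = access_level(acls, bind_dn, entry_dn, attr)
    return LEVELS.index(level) >= LEVELS.index("write")

# The two general rules and the userPassword rule from the post.
GENERAL = [
    (("dn", "o=Fireball"), [("*", "read")]),
    (("*", None), [("self", "write"), ("users", "read"), ("anonymous", "auth")]),
]
PASSWORD = [(("attr", "userPassword"),
             [("cn=Manager,o=Fireball", "write"), ("self", "write"), ("*", "none")])]
AS_POSTED = GENERAL + PASSWORD   # userPassword rule last: never reached
REORDERED = PASSWORD + GENERAL   # userPassword rule first
# e.g. can_write(AS_POSTED, u, u, "userPassword") with u = "uid=alice,ou=People,o=Fireball"
```

Under the same assumption, the model returns read on userPassword for an anonymous bind with the posted order, and none with the reordered list.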
