[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: user authentication and changing passwords


Did you try adding these lines?

> > # Entry = dn and is needed to access the entries at all
> > access to attr=entry
> >  by * read

Have you looked at the /var/log/ldap.log file?  There may
be some clues in there.


-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Joseph Hoot
Sent: Monday, September 25, 2000 1:14 PM
To: openldap-software@OpenLDAP.org
Subject: Re: user authentication and changing passwords

sorry, left out a few lines of my slapd.conf.  Here they are:

# Allow clients to authenticate
access to
        by dn="cn=Manager,dc=nowcom,dc=com" write
        by * read

> I have the following ACL:
> # Deny all unless specifically allowed
> defaultaccess   none
> # Allow the manager and user to change the user's password
> access to attr=userpassword
>         by self write
>         by dn="cn=Manager,dc=nowcom,dc=com" write
>         by * search
> # Allow the following fields to be seen by the world
> access to attr=mail,cn,sn,givenname,o,ou,title,uid,telephoneNumber
>         by * read
> I am trying to A) authenticate users still and B) allow them to change
> passwords.   Currently both of these aren't working with the above ACL.

Joseph Hoot
System Administrator