[Date Prev][Date Next] [Chronological] [Thread] [Top]

Antwort: Re: Antwort: Re: Antwort: Re: Changing User Password with ldappasswd



> you will not have to configure anything special here. when a user binds
> with "-D <his binddn>" and "-w <his password>" slapd will check whether
> the password specified matches the password stored as "userpassword"-
> attribute in that users entry. after that the user can specify a new
> password, and slapd will write that down.. (and "access to
> attr=userpassword by self write" will be applied..)

Ok, I installed openldap v2.0.21 and inserted a new test user into my database.
I can log in with that user using the correct password stored in the attribute
userpassword. Now I would like to change his password by issuing:

> ldappasswd -WS -D "uid=mark7, o=myorg, c=D" "uid=mark7, o=myorg, c=D"

result is the following:

New password:
Re-enter new password:
Enter bind password:
Result: Insufficient access (50)
Additional info: entry modify failed

Where I assume that "Bind password" is the old password which I used to login
successfully
just before...Access control ist like that:

access to dn=".*, o=myorg, c=D" attr=userPassword
        by self write
        by anonymous auth
        by dn="cn=Admin,o=myorg, c=D" write
        by * none

Sorry to bother you with these simple questions but I am quite new to this topic
and I did not
find any adequate info from the web...

regards,
Thomas