[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAPPASSWD - Change user password problems

I'm running my LDAP server (2.0.11) on Windows NT and everything is running smoothly. Unfortunately, I'm experiencing difficulties when I try to change the user password. I am able to change the user password if I bind as the user itself but not if I bind as the admin user. I'm assuming it is something to do with my ACL's but cannot, for the life of me, see what I am doing wrong. I have even tried setting everyone to have write access but to no avail.
Changing the password bound as the user I'm using the following command:
ldappasswd -s garysecret -D "uid=nolang,ou=NatHealthA,o=CServices" -w garysec2 -x -d -1 -Z
But what command do I need to change the password as the admin user (preferably using simple authentication? I've tried the following and get "Unknown error". Please can someone help ?
ldappasswd -A -S -D "cn=CAdmin,o=CServices" -w adminsecret -X "uid=nolang,ou=NatHealthA,o=CServices" -d -1 -Z
Below is the relevant part of my slapd.conf file:
database ldbm
suffix "o=CServices"
suffix "dc=ldap,dc=CServices,dc=org"
directory c:/OpenLDAP/openldap-2.0.11/databases/com
rootdn "cn=CManager,o=CServices"
rootpw secret
index uid pres,eq
index cn,sn pres,eq,sub
index objectClass eq
access to attr=userPassword
        by self write
#        by anonymous auth (tried with anonymous bind also)
        by dn="cn=CAdmin,o=CServices" write
        by * none
access to *
        by self write
        by dn="cn=CManager,o=CServices" write
        by * read
My LDIF file is also below:
dn: dc=ldap,dc=CServices,dc=org
objectClass: top
objectclass: dcObject
objectclass: organization
dc: CServices
o: CServices
dn: o=CServices
objectClass: top
objectClass: organization
o: CServices
dn: cn=CManager,o=CServices
objectClass: organizationalRole
cn: CManager
description: LDAP Directory Manager (Root)
dn: cn=CAdmin,o=CServices
objectClass: organization
objectClass: organizationalRole
cn: CAdmin
o: CServices
userPassword: adminsecret
description: LDAP Directory Administrator
dn: ou=NatHealthA,o=CServices
ou: NatHealthA
objectClass: top
objectClass: organizationalUnit
description: Members of Group A
dn: uid=nolang,ou=NatHealthA,o=CServices
cn: Gareth Nolan
uid: nolang
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
givenname: Gary
sn: Nolan
ou: NatHealthA
homePostalAddress: 15 Cherry Ln.$Plano TX 78888
postalAddress: 15 Fitzhugh Ave.
l: Dallas
st: TX
postalcode: 76888
telephoneNumber: (800)555-1212
homePhone: 800-555-1313
facsimileTelephoneNumber: 800-555-1414
userPassword: garysecret
Gareth Nolan,