[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: More on my password problem

To: "Tibbetts, Ric" <ric.tibbetts@ngc.com>
Subject: Re: More on my password problem
From: luiz@pucrs.br
Date: Tue, 29 Jul 2003 11:29:24 -0300
Cc: openldap-software@OpenLDAP.org


Hello Ric

> My users do not/will not have access to the server. They must change
> their passwords on the clients.
> Can your users change their password on the client?

Yes. With this ACL, users can change their passwords normally with the
'passwd' unix command:

<- SNIP ->
password-hash {CRYPT}
access to attribute=userPassword
        by self write
        by dn="cn=admin,dc=my,dc=domain" write
        by dn="cn=proxyagent,ou=contasIT,dc=my,dc=domain" read
        by * compare
access to *
        by * read
<- SNIP ->

The detail is that if I don´t use "password-hash {CRYPT}" (previously I
used {MD5}), when the user changes his password, the new password is not
recognized. With {CRYPT} I didn´t have more problems. "proxyagent" is for
my SUN profile.
Regards

Follow-Ups:
- Re: More on my password problem
  - From: Andreas <andreas@conectiva.com.br>

Prev by Date: RE: cyrus-sasl-2.1.15 and openldap-2.1.22 on FreeBSD 4.8 Release
Next by Date: bdb_db_cache problem
Index(es):
- Chronological
- Thread