[Date Prev][Date Next] [Chronological] [Thread] [Top]

AW: Help with ACL's for userPassword updates

Hello Martin,

The rootdn can always change everything everywhere. So, I guess you
should use the root dn to do that.
You ACL simply says that only the user himself/herself can change the

Best regards,



Von: openldap-technical-bounces+claus.kick=siemens.com@OpenLDAP.org
Im Auftrag von Martin Benson
Gesendet: Sonntag, 18. Mai 2008 20:17
An: openldap-technical@openldap.org
Betreff: Help with ACL's for userPassword updates

Hi I need some help with the Access Control Lists in my slapd.conf file.
I need to allow myself to update a user's password for when they forget
their password. With no ACL's in place I can do this using a ldapmodify
command that authenticates as "cn=Manager,dc=example,dc=com". I normally
have the following in my ACL's:



access to attrs=userPassword
        by self write
        by anonymous auth
        by * none
access to * by * read



What do I need to do to change this to allow the manager to change the
userPassword attribute.


Thanks Martin Benson