Ervin Hegedüs wrote: > olcAccess: {0}to attrs=userPassword,shadowLastChange by self write Additional side notes regarding this ACL above (which is often used in tutorials): 1. You should use slapo-ppolicy instead of deprecated 'shadowLastChange' attribute to enforce password expiry. 2. With this ACL the user can extend the password validity period himself which renders password expiry ineffective. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature