ACL Problem

To: openldap-technical <openldap-technical@openldap.org>

Subject: ACL Problem

From: Selcuk Yazar <selcuk.yazar@gmail.com>

Date: Tue, 20 Dec 2011 10:55:12 +0200

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; bh=C3++rQPA6mVqwLY/3M8nCiWcdQLlxHkDiaWGUrK0P0s=; b=JvTFIJPeHf0vM2XL+moLbo39zYi/VRq81SvL07N7MluvOq2Of3pQHDlxW2sRn4W+5y Z/Re/c/UZ01oj2QELMdMR4zujhOT7BeXxgpN/IhPVzwm2xeJBTexplZExqeuBs6hgGl1 +CVn39foEJMayz63m4piW2zxvp5xsoAvF6QZc=

I want to ldap users to change their password.

sample user dn is

and we have acl rules in slapd.conf

access to dn.regex=".*,ou=.*,jvd=([^,]+),o=hosting,dc=myhosting,dc=example"

attrs=userPassword

by self write

by group/jammPostmaster/roleOccupant.expand="cn=postmaster,jvd=$1,o=hosting,dc=myhosting,dc=example" write

by * auth

by * none

access to dn.regex=".*jvd=([^,]+),o=hosting,dc=myhosting,dc=example"

by self write

by group/jammPostmaster/roleOccupant.expand="cn=postmaster,jvd=$1,o=hosting,dc=myhosting,dc=example" write

by * read

access to *

by * read

i apply various rules from openldap documentation, but no one works. why users can't chage their password ?

thanks in advance

--
Selçuk YAZAR

Follow-Ups:

Re: ACL Problem
- From: anax <anax@ayni.com>
Re: ACL Problem
- From: Buchan Milne <bgmilne@staff.telkomsa.net>