[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Allow users to change ldap password with passwd



I replaced ou with cn, tried loading the ldif and got this message:

# ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=config" -f passwordPolicy.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "cn=policies,dc=*****,dc=*****"
ldap_add: Insufficient access (50)
additional info: no write access to parent

Thank you,
Liz

From: Michael Ströder <michael@stroeder.com>
Date: Thursday, September 24, 2015 at 11:12 AM
To: Elizabeth Real Chavez <Elizabeth.Real@jpl.nasa.gov>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Re: Allow users to change ldap password with passwd

Real, Elizabeth (392K) wrote:
This is the passwordPolicy.ldif:
dn: ou=policies,dc=*****,dc=*****
objectClass: pwdPolicy
objectClass: person
objectClass: top
cn: policies
sn: policies

If that is what you want to use you cannot use ou for forming the RDN.

Simply use instead
dn: cn=policies,dc=*****,dc=*****
to match your entry.

Ciao, Michael.