Perhaps. But of course, this could simply be a slapd issue (which other think it is).
So, back to square one. Maybe slapd.conf is just not setup correctly....
Anyone have examples of a slapd.conf that allows directory users to change their own password?
Thanks
Anne
-----Original Message----- From: Gavin Henry [mailto:ghenry@suretecsystems.com] Sent: Friday, September 14, 2007 9:52 AM To: Anne Moore Cc: 'Buchan Milne'; openldap-software@openldap.org Subject: RE: configure OpenLDAP to allow directory users - change password
<quote who="Anne Moore">
Hi Milne
<<Or, if you've set pam up correctly, passwd.>>
You're probably right on this. Any idea how to set it up to work with OpenLdap correctly?
That's a different mailing list I'm afraid.
Thanks
Anne
-----Original Message----- From: Buchan Milne [mailto:bgmilne@staff.telkomsa.net] Sent: Friday, September 14, 2007 2:58 AM To: openldap-software@openldap.org Cc: Gavin Henry; Anne Moore Subject: Re: configure OpenLDAP to allow directory users - change password
On Thursday 13 September 2007 22:54:45 Gavin Henry wrote:
<quote who="Anne Moore">
HI Gavin
The clients we use are Red Hat ES 4.0 systems (40 of them).
Any ideas on how to allow my users to change their own passwords?
ldappasswd?
Or, if you've set pam up correctly, passwd.
Thank you for the help!
Anne
Gavin Henry ghenry@suretecsystems.com wrote:
Hi All
Does anyone know how to configure OpenLDAP to allow directory users to change their own passwords?
You don't mention anything about the clients you are using or your ACLs
The default ACLs shipped in most default slapd.conf files usually has something like this, which would be sufficient:
access to attrs=userPassword by self write by * auth
I've using Openldap-2.2.13-7.4E (on my RedHat server)
See the our recommendations of using Red Hat OpenLDAP software in the archives.
2.2 is deprecated. 2.3 is current, and has some features (for example password policy enforcement) that you may desire/require.
Packages are available that install cleanly in parallel, such as mine: