user they can modify passwords

12 Jun 2008


      Hi List
i need an user "it" they can modify on my ldap the passwords for all users.
atm my settings in the acl.conf are:
access to dn.base=""
 by * read
access to dn.base="cn=subSchema"
 by * read
access to attrs=userPassword,userPKCS12
 by self write
 by * auth
access to attrs=shadowLastChange
 by self write
 by * read
access to dn.subtree="ou=users,dc=server1,dc=intern"
 by self write
 by dn="uid=intern,ou=users,dc=server1,dc=intern"
 by * read
access to dn.subtree="ou=groups,dc=server1,dc=intern"
 by * read
access to dn.sub="ou=hosts,dc=server1,dc=intern"
 by self write
 by dn="uid=hostadmin,ou=users,dc=server1,dc=intern" write
 by * read
can i do like this:
access to dn.subtree="ou=users,dc=server1,dc=intern"
 by self write
 by dn="uid=intern,ou=users,dc=server1,dc=intern"
 by * read
 by dn="uid=it,ou=users,dc=server1,dc=intern"
 by * write
MFG Sven

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

user they can modify passwords