--On Friday, August 31, 2018 1:59 PM -0500 Bill Bradford mrbill@mrbill.net wrote:
> I'll fix that, but this user (rootDN) has the required privs and already works fine so far for a couple of years now.

ACLs never apply to the rootdn. This is clearly documented in the man page.

> by dn.exact="uid=romanager,ou=Users,dc=domain,dc=com" read

Are you sure this is the DN returned by ldapwhoami?

> I'm not logging in to a Linux box as this user; I'm using this DN as credentials (in Apache Directory Studio, ldapsearch, etc.) and connecting just fine - just not with the ability to read other users' passwords.

This has nothing to do with logging into a Linux box.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
http://www.symas.com