Re: Antw: [EXT] Problem with ppolicy overlay and userPassword attribute

>>> Yes, if you query the right place. I.e., cn=subschema: >>> >>> ldapsearch ... ‑s base ‑b "cn=subschema" + >> >> When I try that I get "No such object", and when I try > > Then you used a bind identity that doesn't have access to cn=subschema. > Generally it is advised that cn=subschema should be readable by anyone. I have this in "dn: olcDatabase={-1}frontend,cn=config": olcAccess: {0}to dn.exact="" by * read olcAccess: {1}to dn.base="cn=Subschema" by * read Shouldn't that do?