hi,guys

     

     I just setup a openldap server via compile command as following.

                 ./configure --prefix=/opt/openldap

                                   --enable-overlays=mod

                                   --enalbe-dynamic=yes

                                   --enable-modules=yes

                                   --enable-ppolicy=yes

     slapd.conf as below

               include         /opt/openldap/etc/openldap/schema/core.schema

include         /opt/openldap/etc/openldap/schema/cosine.schema

include         /opt/openldap/etc/openldap/schema/inetorgperson.schema

include         /opt/openldap/etc/openldap/schema/nis.schema

include         /opt/openldap/etc/openldap/schema/openldap.schema

include         /opt/openldap/etc/openldap/schema/ppolicy.schema

pidfile         /opt/openldap/var/run/slapd.pid

argsfile        /opt/openldap/var/run/slapd.args

  access to attrs=userPassword

  by self write

  by anonymous auth

  by dn.base="cn=Manager,dc=abc,dc=com"

  by *  none

  access to *

              by self write

              by dn.base="cn=Manager,dc=abc,dc=com"

              by * read

              by * none

database        bdb

suffix          "dc=abc,dc=com"

rootdn          "cn=Manager,dc=abc,dc=com"

rootpw          12345678

directory       /opt/openldap/var/openldap-data

index cn,sn,uid pres,eq,approx,sub

index   objectClass     eq

loglevel -1

 

 my question is user can't change his own password. I use following command

so I have different result.

 

 

 

when not add -x

  

  

 

 

 is there error in my config file about acl. I have set pwdRest is true.

 

 I need help. thks