Please keep replies on the list.
Luke Lee wrote:
Sir,
I have the following in my base ldif:
snip
and I have the following under the group ou:
dn: cn=pwmanager,ou=Group,dc=mydomain,dc=com objectClass: groupOfNames cn: pwmanager member: cn=l_luke,ou=People,dc=mydomain,dc=com member: w_smith,ou=People,dc=mydomain,dc=com
snip
The access defined in the slapd.conf file:
access to attrs=userPassword by self write by group.exact="cn=pwmanager,ou=Group,dc=mydomain,dc=com" write by * none
access to * by self write by group.exact="cn=pwmanager,ou=Group,dc=mydomain,dc=com" write by users read by * none
Will I be able to use the following command to change user's password?
ldappasswd -x -W -D "uid=l_luke,ou=People,dc=mydomain,dc=com" -S "uid=w_smith,ou=People,dc=mydomain,dc=com"
No.
How can I use the Netgroup and netgroup.byhost nisMap to achive the same purpose? Would you please help? Thanks!
You can't. You can't use anything but groupOfNames/member for group membership. The only alternative, discussed thousands of times in the archives (the last time three days ago, http://www.openldap.org/lists/openldap-software/200803/msg00241.html) consists in using sets, but performance and deadlock issues will probably bite you.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------