Objet: LDAP password information update failed: Server is unwilling to perform shadow context; no update referral
Hello, I try to change password on customer, to a referal thru a overlay chain config. I have answer LDAP password information update failed: Server is unwilling to perform. OS REDHAT 5.2. openldap openldap-2.4.16
could you help me ?
Thanks
Enter login(LDAP) password: New UNIX password: Retype new UNIX password: LDAP password information update failed: Server is unwilling to perform shadow context; no update referral passwd: Permission denied
Master conf ldap-v000 ----------------------
overlay syncprov syncprov-checkpoint 100 10
# allow the world read access access to * by dn="cn=Manager,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn="cn=samba,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn.base="cn=replication_ldap,dc=mydomaine,dc=mydomaine2,dc=fr" write by self write by * read
# restrict userPassword for authentication only, allowing changes by user
access to attrs=userPassword by dn="cn=Manager,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn="cn=samba,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn.base="cn=replication_ldap,dc=mydomaine,dc=mydomaine2,dc=fr" write by self write by * none
Slave conf ---------- overlay chain chain-uri ldap://ldap-v000/ chain-idassert-bind bindmethod=simple binddn="cn=replication_ldap,dc=mydomaine,dc=mydomaine2,dc=fr" credentials=secret mode=self flags=non-prescriptive
# allow the world read access access to * by dn="cn=Manager,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn="cn=samba,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn.base="cn=replication_ldap,dc=mydomaine,dc=mydomaine2,dc=fr" write by self write by * read
# restrict userPassword for authentication only, allowing changes by user #access to dn.subtree="ou=Aliases,dc=mydomaine,dc=mydomaine2,dc=fr" by * read
access to attrs=userPassword by dn="cn=Manager,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn="cn=samba,dc=mydomaine,dc=mydomaine2,dc=fr" write by dn.base="cn=replication_ldap,dc=mydomaine,dc=mydomaine2,dc=fr" write by self write by * none