Hi, I am trying to restrict access to pwdHistory attributes provided by ppolicy overlay. I have applied the below ACL
access to attrs=pwdHistory by * none but while doing slaptest, its throwing below error:- /etc/openldap/slapd.conf: line 212: unknown attr "pwdHistory" in to clause <access clause> ::= access to <what> [ by <who> [ <access> ] [ <control> ] ]+ <what> ::= * | dn[.<dnstyle>=<DN>] [filter=<filter>] [attrs=<attrspec>] <attrspec> ::= <attrname> [val[/<matchingRule>][.<attrstyle>]=<value>] | <attrlist> <attrlist> ::= <attr> [ , <attrlist> ] <attr> ::= <attrname> | @<objectClass> | !<objectClass> | entry | children <who> ::= [ * | anonymous | users | self | dn[.<dnstyle>]=<DN> ] [ realanonymous | realusers | realself | realdn[.<dnstyle>]=<DN> ] [dnattr=<attrname>] [realdnattr=<attrname>] [group[/<objectclass>[/<attrname>]][.<style>]=<group>] [peername[.<peernamestyle>]=<peer>] [sockname[.<style>]=<name>] [domain[.<domainstyle>]=<domain>] [sockurl[.<style>]=<url>] [ssf=<n>] [transport_ssf=<n>] [tls_ssf=<n>] [sasl_ssf=<n>]
Before posting here I searched archive and found one similar, issue , but it did not resolve my issue. I have running openldap-servers-2.4.23 on RHEL-6.5. If any further details requires , Please let me know. Thanks.