Before I forget the link here is the config file I'm using

http://alecto.bittwiddlers.com/files/slapd.conf

I have two separate databases of user information and a meta database at the bottom of the file that joins them together so both can log in. The meta database is what's used for the system pam and nss settings. All of that seems to work fine - no problems with the logging in, groups, or any of that. Users that belong to the second database, zone2, can change their passwords using any of the standard commands including passwd. Users in the first database, zone1, are unable to change their passwords

{153}: passwd New password: Re-enter new password: LDAP password information update failed: Strong(er) authentication required modifications require authentication passwd: Permission denied passwd: password unchanged

I've looked at the ACL and stats logs for both the accounts that work and those that don't but there's a lot of information there and I can't tell what the problem is. I'm rather new to LDAP in general. Can someone give me some pointers or ideas for what I can look for?

Thanks for any help