Users in my LDAP database have trouble changing passwords.

$ passwd
Changing password for user XXX.
Enter login(LDAP) password:
New password:
Retype new password:
LDAP password information update failed: Insufficient access
passwd: Authentication token manipulation error

In /var/log/message, I have:

passwd: pam_ldap: ldap_modify_s Insufficient access

In slapd.conf on the server, I have the following:

database bdb
suffix dc=mydomain,dc=fr
checkpoint 1024 15
rootdn cn=Manager,dc=mydomain,dc=fr
rootpw {SSHA}XXXXX

access to attrs=userPassword
    by self write
    by * none

access to dn.subtree="dc=mydomain,dc=fr"
    by dn="cn=Manager,dc=mydomain,dc=fr" write
    by self write
    by * read

Any idea what is wrong? Thanks in advance.
F.
Fujisan wrote:
> Users in my LDAP database have trouble changing passwords.
>
> $ passwd
> Changing password for user XXX.
> Enter login(LDAP) password:
> New password:
> Retype new password:
> LDAP password information update failed: Insufficient access
> passwd: Authentication token manipulation error
>
> In /var/log/message, I have:
>
> passwd: pam_ldap: ldap_modify_s Insufficient access

That error message looks like an SELinux error message. Do you have SELinux enabled? If you're not sure, use the command 'getenforce'.
-- Prentice