Still fighting openldap



Ok. ACL:
access: to attrs=shadowLastChange,userPassword
        by self write
        by anonymous auth

access to *
        by * read
        by anonymous auth

I left the shadowLastChange, hoping that it would fix at least one problem, but no joy: I can log onto other servers with my new password... but not into the ldap server - it still wants my old password, and I, as a user, am not in either /etc/password or /etc/shadow.

Next problem: I've got another user trying to change their password, and they keep getting an insufficient access (50).

Any clues? (Still 2.3.39, RHEL 4)

mark

--
redhat-list mailing list


