Re: Still fighting openldap
- From: <m.roth2006@xxxxxxx>
- Date: Tue, 19 Feb 2008 13:01:21 -0500 (EST)
Following myself up...
Date: Tue, 19 Feb 2008 12:12:13 -0500 (EST)
From: <m.roth2006@xxxxxxx>
Ok. ACL:
access: to attrs=shadowLastChange,userPassword
by self write
by anonymous auth
access to *
by * read
by anonymous auth
I left the shadowLastChange, hoping that it would fix at least one problem, but no joy: I can log onto other servers with my new password... but not into the ldap server - it still wants my old password, and I, as a user, am not in either /etc/password or /etc/shadow.
Next problem: I've got another user trying to change their password, and they keep getting an insufficient access (50).
Any clues? (Still 2.3.39, RHEL 4)
I've tried changing the first stanza to:
access: to attrs=shadowLastChange,userPassword
by * read
by self write
by anonymous auth
thinking that it had to have anon authority to read, in order to find the user/password, but that only changes the error to invalid credentials
mark
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- Follow-Ups:
- Re: Still fighting openldap
- From: Josh Miller
- Re: Still fighting openldap
- From: Jim Canfield
- Re: Still fighting openldap
- Prev by Date: Still fighting openldap
- Next by Date: Re: Still fighting openldap
- Previous by thread: Still fighting openldap
- Next by thread: Re: Still fighting openldap
- Index(es):
Relevant Pages
|
