On 12/30/2010 03:24 AM, MAP 007 wrote:
Hi,
Recently i have setup 389 DS on my CentOS machine.Now yesterday i m
able to reset user's password. Now i m not able to reset it....
I have checked my directory server's setting and found that i have
mistakenly set "disallow_pw_change_aci" ACL. Now i have deleted this
one. But whenever i restart my dirsrv and dirsrv-admin services i see
"disallow_pw_change_aci" ACL again in my directory server.
Que.1 Now how to remove parmanently ?
How are you deleting it? What exactly are
you doing? Are you using
replication?
And secondly when i remove this from directory server and then try to
change password
What is the exact command you are using to change the password?
Can you post excerpts from your access log showing the password change
operation?
i am getting below error:-
LDAP password information update failed: Server is unwilling to perform
user is not allowed to change password
passwd: Permission denied
Que.2 Now how to sort out this one... ?
Que.3 And one more question is, where i will find all these logs...if
someone file these command at client as well as server machine(i.e.
ldapsearch, ldapadd, ldapdelete, passwd, passwd lock etc...)
I don't think
there are any client side logs - maybe /var/log/messages
or /var/log/secure?
The server side logs should have some information -
/var/log/dirsrv/slapd-yourinstance/access and errors
Thank you.
Piyush
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users