[Fedora-directory-users] disallow_pw_change_aci problem
Omer Faruk Sen
ofsen at yahoo.com
Wed Jul 11 14:03:45 UTC 2007
Hi,
I have installed fedora-ds 1.0.4 to Fedora 6 server. I am trying to install mail ldap cluster. I have added a domain like dc=my,dc=domain,dc=com and added a virtual domain like ou=virtdomain.com,dc=my,dc=domain,dc=com after adding a user like:
uid=user,ou=virtdomain.com,dc=my,dc=domain,dc=com
and changing its password gives me that error:
aci: (targetattr = "userPassword") ( version 3.0; acl "disallow_pw_change_aci"; deny (write ) userdn = "ldap:///self";)
I have read http://www.redhat.com/docs/manuals/dir-server/ag/7.1/acl.html and added an aci like:
aci: (targetattr="userPassword || homePhone ||
homePostalAddress") (version 3.0; acl "Write my.domain.com"; allow
(write) userdn= "ldap:///self";)
for ou=virtdomain.com,dc=my,dc=domain,dc=com
But I still get aci: (targetattr = "userPassword") ( version 3.0; acl "disallow_pw_change_aci"; deny (write ) userdn = "ldap:///self";)
error. How can I disable disallow_pw_change aci since I couldn't find this aci anywhere using directory admin gui.
By the way I think this comes from userRoot database. But I can't find a place to disable disallow_pw_change
Best Regards,
____________________________________________________________________________________
Get the free Yahoo! toolbar and rest assured with the added security of spyware protection.
http://new.toolbar.yahoo.com/toolbar/features/norton/index.php
More information about the 389-users
mailing list