[389-users] 389 Directory server + passwd problem
Rich Megginson
rmeggins at redhat.com
Tue Jan 4 21:43:20 UTC 2011
On 12/30/2010 03:24 AM, MAP 007 wrote:
> Hi,
>
> Recently i have setup 389 DS on my CentOS machine.Now yesterday i m
> able to reset user's password. Now i m not able to reset it....
>
> I have checked my directory server's setting and found that i have
> mistakenly set "disallow_pw_change_aci" ACL. Now i have deleted this
> one. But whenever i restart my dirsrv and dirsrv-admin services i see
> "disallow_pw_change_aci" ACL again in my directory server.
>
> Que.1 Now how to remove parmanently ?
How are you deleting it? What exactly are you doing? Are you using
replication?
>
> And secondly when i remove this from directory server and then try to
> change password
What is the exact command you are using to change the password?
Can you post excerpts from your access log showing the password change
operation?
> i am getting below error:-
>
> LDAP password information update failed: Server is unwilling to perform
> user is not allowed to change password
> passwd: Permission denied
>
> Que.2 Now how to sort out this one... ?
>
> Que.3 And one more question is, where i will find all these logs...if
> someone file these command at client as well as server machine(i.e.
> ldapsearch, ldapadd, ldapdelete, passwd, passwd lock etc...)
I don't think there are any client side logs - maybe /var/log/messages
or /var/log/secure?
The server side logs should have some information -
/var/log/dirsrv/slapd-yourinstance/access and errors
>
>
> Thank you.
> Piyush
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20110104/85939b3f/attachment.html>
More information about the 389-users
mailing list