On 04/09/15 12:59 +0800, rockwang wrote:
Hi guys,

I can't change a user password via simple authentication at the LDAP client. I have set ACL rules in slapd.conf.

access to attr=userPassword
    by self write
    by anonymous auth
    by dn.base="cn=Manager,dc=abc,dc=com" write
    by * none

access to *
    by self write
    by dn.base"cn=Manager,dc=abc,dc=com" write
    by * read

ldappasswd -x -D "uid=bobliu,ou=it,dc=abc,dc=com" -W -S
New password:
Re-enter new password:
Enter LDAP Password:
ldap_bind: Invalid credentials (49)

But I can use ldapsearch via simple authentication. What is the problem?

Thanks

Are you positive that you are successfully authenticating with ldapsearch? Your 'by * read' for 'access to *' would allow anonymous users read access to everything except the userPassword entry.

See chapter 8 in the OpenLDAP Admin Guide for a saner example.

Use debugging/logging to troubleshoot. See slapd(8), and slapd.conf(5).

-- 
Dan White
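
The point made in the reply above, as an added example that is not part of the original thread or of OpenLDAP: a small Python model of first-match ACL evaluation, run over the two rules from the post. The rule text is a constructed sample with dn.base= written out in both rules, the "by users read" variant is an assumed tightening rather than the Admin Guide's own text, and DN comparison is simplified to exact string equality.

```python
import re

# Constructed sample: the two rules from the post, dn.base= written out in both.
ACL = '''access to attr=userPassword
    by self write
    by anonymous auth
    by dn.base="cn=Manager,dc=abc,dc=com" write
    by * none
access to *
    by self write
    by dn.base="cn=Manager,dc=abc,dc=com" write
    by * read
'''
# Assumed tightening: only authenticated identities may read other attributes.
TIGHTER = ACL.replace('by * read', 'by users read')

def parse(text):
    """Return [(what, [(who, level), ...]), ...] in file order."""
    rules = []
    for block in re.split(r'^access to\s+', text, flags=re.M)[1:]:
        what, *by = re.split(r'\s+by\s+', block.strip())
        rules.append((what, [tuple(c.rsplit(None, 1)) for c in by]))
    return rules

def who_matches(who, bind_dn, entry_dn):
    # bind_dn is None for an anonymous (unauthenticated) session.
    if who == '*':
        return True
    if who in ('anonymous', 'users'):
        return (bind_dn is None) == (who == 'anonymous')
    if who == 'self':
        return bind_dn is not None and bind_dn == entry_dn
    m = re.fullmatch(r'dn\.base="(.*)"', who)
    return bool(m) and bind_dn == m.group(1)

def what_matches(what, attr):
    if what == '*':
        return True
    m = re.fullmatch(r'attrs?=(.*)', what)
    return bool(m) and attr.lower() in m.group(1).lower().split(',')

def access(text, bind_dn, entry_dn, attr):
    """Level granted: first matching 'to', then first matching 'by'."""
    for what, clauses in parse(text):
        if what_matches(what, attr):
            for who, level in clauses:
                if who_matches(who, bind_dn, entry_dn):
                    return level
            break
    return 'none'  # implicit "by * none" when no clause matches
```

With the posted rules an anonymous session gets "read" on every attribute other than userPassword, so an ldapsearch that returns entries does not by itself show that a bind succeeded.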
