I banged my head against user password change in OpenLDAP (with passwd). Surfing the web over and over, I found the way to permit a user to change the password, but with some strange behaviors. These are my ACLs in olcDatabase{2}hdb.ldif:
Code:
[root@centosserver ~]# grep olcAccess /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}hdb.ldif
olcAccess: {0}to attrs=userPassword by self write by dn.base="cn=Manager,dc=example,dc=com" write by anonymous auth by * none
olcAccess: {1}to * by dn.base="cn=Manager,dc=example,dc=com" write by self write by * read
Code:
[user1@centosclient ~]$ passwd
Changing password for user user1.
(current) LDAP Password:
New password:
Retype new password:
password change failed: Invalid credentials
passwd: Authentication token manipulation error
Code:
[user1@centosclient ~]$ passwd
Changing password for user user1.
(current) LDAP Password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Can someone help me?
Thanks