Ok. ACL:
access: to attrs=shadowLastChange,userPassword
    by self write
    by anonymous auth

access to *
    by * read
    by anonymous auth

I left the shadowLastChange, hoping that it would fix at least one problem, but no joy: I can log onto other servers with my new password... but not into the ldap server - it still wants my old password, and I, as a user, am not in either /etc/password or /etc/shadow.

Next problem: I've got another user trying to change their password, and they keep getting an insufficient access (50).

Any clues? (Still 2.3.39, RHEL 4)

  mark

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@(protected)
https://www.redhat.com/mailman/listinfo/redhat-list