we have a company multi-master 389DS confifuration, with 2 different
root subtrees, password policy is active for one subtree only.
Users are actually not able to change their own password, because the
presence of an automatically created aci:
aci: (targetattr = "userPassword") ( version 3.0; acl
"disallow_pw_change_aci" ; deny (write ) userdn = "ldap:///self";)
ACI is probably recreated because one subtree has password policy disabled.
Does anyone have some hint to share?
Thank you
Ramon
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
No comments:
Post a Comment