ACL for userPassword for 'self' - authorized users or wrong settings in pam-ldap.conf

Hi,
ZCS 6.0.x + Ubuntu + Samba -> according to WIKI - works fine, except for:
1) root#su - YY
2) YY#passwd
3) passwd
Enter login(LDAP) password:
New password:
Passwords must differ
New password:
Re-enter new password:
LDAP password information update failed: Unknown error
passwd: Permission denied
passwd: password unchanged
and this is from LDAP ZCS:
Jan 10 15:30:17 mail slapd[22065]: conn=609154 fd=66 ACCEPT from IP=192.168.89.3:33787 (IP=192.168.89.6:389)
Jan 10 15:30:17 mail slapd[22065]: conn=609154 op=0 BIND dn="uid=zmposixroot,cn=appaccts,cn=zimbra" method=128
Jan 10 15:30:17 mail slapd[22065]: conn=609154 op=0 BIND dn="uid=zmposixroot,cn=appaccts,cn=zimbra" mech=SIMPLE ssf=0
Jan 10 15:30:17 mail slapd[22065]: conn=609154 op=0 RESULT tag=97 err=0 text=
Jan 10 15:30:17 mail slapd[22065]: conn=609154 op=1 SRCH base="ou=people,dc=XXX,dc=XX" scope=1 deref=0 filter="(uid=YY)"
Jan 10 15:30:17 mail slapd[22065]: conn=609154 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
....
Jan 10 13:27:47 mail slapd[22065]: conn=609154 op=4 MOD dn="uid=YY,ou=people,dc=XXX,dc=XX"
Jan 10 13:27:47 mail slapd[22065]: conn=609154 op=4 MOD attr=userPassword
Jan 10 13:27:47 mail slapd[22065]: conn=609154 op=4 RESULT tag=103 err=50 text=
and this is what was added to ACLs:
olcAccess: {9}to attrs=entry by dn.children="cn=admins,cn=zimbra" write by d
n.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by * read
olcAccess: {10}to dn.subtree="dc=XXX,dc=XX" by dn.children="cn=admins,cn=
zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by d
n.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {11}to dn.subtree="ou=machines,dc=XXX,dc=XX" by dn.children="c
n=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra
" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {12}to dn.subtree="ou=groups,dc=XXX,dc=XX" by dn.children="cn=
admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra"
write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {13}to dn.subtree="ou=people,dc=XXX,dc=XX" by dn.children="cn=
admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra"
write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
What can be wrong with my installation?
Thanks,
Marcin
Last edited by itipopema; 01-10-2010 at 06:42 AM..
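One way to read the slapd excerpt in the post above, as an added example that is not part of the original post: the Python below pairs every failed MOD with the identity last bound on the same connection and names the result code (err=50 is insufficientAccessRights in RFC 4511). The function name `failed_mods` is hypothetical, and the sample reuses the post's log lines without the part elided by "....", so any rebind hidden there is not reflected.

```python
import re

# Sample assembled for this example from the log lines in the post;
# the part the post elides with "...." is left out.
SAMPLE_LOG = """\
Jan 10 15:30:17 mail slapd[22065]: conn=609154 op=0 BIND dn="uid=zmposixroot,cn=appaccts,cn=zimbra" method=128
Jan 10 15:30:17 mail slapd[22065]: conn=609154 op=0 RESULT tag=97 err=0 text=
Jan 10 13:27:47 mail slapd[22065]: conn=609154 op=4 MOD dn="uid=YY,ou=people,dc=XXX,dc=XX"
Jan 10 13:27:47 mail slapd[22065]: conn=609154 op=4 MOD attr=userPassword
Jan 10 13:27:47 mail slapd[22065]: conn=609154 op=4 RESULT tag=103 err=50 text=
"""

# LDAP result codes from RFC 4511 that matter for this kind of failure.
RESULT_NAMES = {49: "invalidCredentials", 50: "insufficientAccessRights"}
LINE = re.compile(r"conn=(\d+) op=(\d+) (BIND|MOD|RESULT) (.*)$")
DN = re.compile(r'dn="([^"]*)"')

def failed_mods(log_text):
    """Return one dict per MOD that finished with a non-zero result code."""
    pending, bound, mods, findings = {}, {}, {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        conn, op, verb, rest = m.groups()
        key, dn = (conn, op), DN.search(rest)
        if verb == "BIND" and dn:
            pending[key] = dn.group(1)      # identity claimed, not yet confirmed
        elif verb == "MOD":
            mod = mods.setdefault(key, {"target": None, "attrs": []})
            if dn:
                mod["target"] = dn.group(1)
            elif rest.startswith("attr="):
                mod["attrs"] += rest[len("attr="):].split()
        elif verb == "RESULT":
            err = re.search(r"err=(\d+)", rest)
            if not err:
                continue
            code = int(err.group(1))
            if key in pending:
                claimed = pending.pop(key)
                bound.pop(conn, None)       # a failed bind leaves the connection anonymous
                if code == 0:
                    bound[conn] = claimed
            elif key in mods and code != 0:
                findings.append(dict(mods.pop(key), conn=conn, err=code,
                                     bound_as=bound.get(conn, "(anonymous)"),
                                     result=RESULT_NAMES.get(code, "other")))
    return findings
```

Run over the sample, it reports that the userPassword MOD on the YY entry was issued on a connection bound as uid=zmposixroot,cn=appaccts,cn=zimbra, which is the identity the ACLs have to grant write access to for that attribute.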