From: Peter Barth (barth@wiesan.de)
Date: Wed Dec 01 2004 - 11:05:00 EST
Hi there,
I do have a problem in a educational environment.
Teachers need to change the pupils passwords without knowing it.
The authenticaton works agaainst the Sun Directory Server 5.2.
I thought about a script which uses the command
/var/Sun/mps/share/bin/ldapmodify but have no success.
I alway receive - even if I try to change the teachers own password -
the error message, that I don#T have sufficient permissions to do so,
the "write" permission to change teh attribute misses.
But, I can change - as a techer - my teacher password using the command
passwd.
And I added a aci which looks like:
(target = "ldap:///uid=*,ou=lehrer,ou=people,dc=dilthey,dc=local"
(targetattr = "*")
(version 3.0; acl "teacher"; allow (all)
userdn =
"ldap:///uid=*,ou=schueler,ou=people,dc=dilthey,dc=local");)
The SDS Console tells me the syntax is correct.
So, does anybody has a clue what I'm missing?
I'm quiet a ldap-novice but thought I understood a little, hmm doesn't
look like it.
Maybe I need to check a global attribut or something?
Help is appreciated and desperately sought
best regards and tahnks in advance
Peter Barth
Medienzentrum Wiesbaden e.V
Germany
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:29:48 EDT