> I know some people have reported success - perhaps they will chime in. I tried an upgrade to 1.0.4 but it didn't change anything - still can't have subtree/user policies enforced when I use ldappasswd. Now, this shouldn't be an ACI issue on the policy objects, correct? Since the policy in enforced internally, it should make no difference what permissions the bind DN has for the policy objects? I am assuming that this is right since it makes no difference even if I bind with DM. I'm clutching at straws now - a library issue somewhere? I just can't see why a global policy would work but nothing more local - the obvious reason would be that the nspasswdlocalpolicy attribute is not set in cn=config, but it is ... > Because I don't have a FC4 x86_64 machine to build FDS on. Sorry, I was being stupid, I meant RHEL4, which is certainly there. PK
