Hi, I have a problem with this aci. I have a dn like ou=x.com,dc=my,dc=domain,dc=com. I added aci to my dc=my,dc=domain,dc=com as depicted in: http://www.redhat.com/docs/manuals/dir-server/ag/7.1/acl.html I add following aci: (targetattr="userPassword || homePhone || homePostalAddress") (version 3.0; acl "Write my.domain.com"; allow (write) userdn= "ldap:///self";;) restart fedora-ds but when i try to change password with uid=user,oid=x.com,dc=my,dc=domain,dc=com i get following error: aci: (targetattr = "userPassword") ( version 3.0; acl "disallow_pw_change_aci"; deny (write ) userdn = "ldap:///self";;) My question is how can I disable disallow_pw_change_aci. I couldn't find that aci anywhere? By the way as far as I understood child entries inherits parent acis am I right? Because if not there is no explanation to that error Best Regards, -- Omer Faruk Sen http://www.faruk.net
