• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

LDAP - Allowing user to change his own attributes

 
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a number of tasks in a project I'm working on that require LDAP password policy settings, like remembering password history, locking the account after x number of failures, and one is that a user must change his password after an administrator resets it.

My java code can successfully change a password if logged in as the admin (e.g. cn=root), but when I attempt to connect as the user with his credentials, I get a NoPermissionException (error code 50). Then I tried changing other attributes of that user (while logged in as the user), and I get the same NoPermissionException.

What do I need to do to make changes in my LDAP directory as the logged in user? I can't just login as the admin to make the change because then the password complexity rules aren't enforced (since the admin can do whatever he wants).

Thank you very much for your help.
 
Cameron Dalton
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I think I've decided that this is a server issue.

I've been attempting to configure the permissions so that all users have write access to their own record, and my server config claims to have this ability, but that's giving me additional problems. In any case, that's a question for a completely different forum.
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I've encountered exactly the same problem as you.

How does you make it out? I know it has been long time ago. Would you mind to share your code?

Thanks.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic