>>My understanding is that the reset token via mail - as it has no current >>password - binds with the root dn instead of the user dn and therefore >>bypasses ppolicy ? >>Indeed, as we don't have user old password, the configured binddn is used to >>change the password. If you set the rootdn, it will bypass the ppolicy.
Bingo ! This is where my ldap skills fail (permissions...)... what is the best ldif setup to run to create a binndn that change (only ?) the password without being rootdn ? Sebastian
_______________________________________________ ltb-users mailing list [email protected] https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
