diff --git a/lam/docs/manual-sources/howto.xml b/lam/docs/manual-sources/howto.xml
index a720f4c4..2c67b992 100644
--- a/lam/docs/manual-sources/howto.xml
+++ b/lam/docs/manual-sources/howto.xml
@@ -1170,6 +1170,8 @@ Have fun!
membership check can be done with either HTTP authentication or LDAP
overlays like "memberOf"
+ or "Dynamic
lists". Dynamic lists allow to insert virtual attributes to
your user entries. These can then be used for the LDAP filter (e.g.
@@ -4642,13 +4644,27 @@ Run slapindex to rebuild the index.
the LDAP database. Before your users may change their settings you
must allow them to change their LDAP data.
- This can be done by adding an ACL to your slapd.conf which looks
- like this:
+ This can be done by adding ACLs to your slapd.conf or
+ slapd.d/cn=config/olcDatabase={1}bdb.ldif which look similar to
+ these:
+
+ access to
+
+ attrs=userPassword
+
+ by self write
+
+ by anonymous auth
+
+ by * none
+
+
+access to
- attrs=mail,sn,givenName,telephoneNumber,mobile,facsimileTelephoneNumber,street,postalAddress,postOfficeBox,postalCode,roomNumber,userPassword,shadowLastChange
+ attrs=mail,sn,givenName,telephoneNumber,mobile,facsimileTelephoneNumber,street,postalAddress,postOfficeBox,postalCode,roomNumber,shadowLastChange
by self write