Chapter 1. Self service

Table of Contents

Preparations
OpenLDAP ACLs
Other LDAP servers
Creating a self service profile
Edit your new profile

Preparations

OpenLDAP ACLs

By default only a few administrative users have write access to the LDAP database. Before your users may change their settings you must allow them to change their LDAP data.

This can be done by adding an ACL to your slapd.conf which looks like this:

access to

attrs=mail,sn,givenName,telephoneNumber,mobile,facsimileTelephoneNumber,street,postalAddress,postOfficeBox,postalCode,password

by self write

If you do not want them to change all attributes then reduce the list to fit your needs. Some modules may require additional LDAP attributes.

Usually, the slapd.conf file is located in /etc/ldap or /etc/openldap.

Other LDAP servers

There exist many LDAP implementations. If you do not use OpenLDAP you need to write your own ACLs. Please check the manual of your LDAP server for instructions.