summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2013-12-16 11:38:31 (GMT)
committerAleksander Machniak <alec@alec.pl>2013-12-16 11:40:02 (GMT)
commit0f6a407dbbae2458b566a20f89b43e7b2d0aa584 (patch)
treee338c5b234fd03297aef60e156b04c89f9b94acc
parent12bb648410ec8f7de793210994352cba1c027cd7 (diff)
downloadkolab-wap-0f6a407dbbae2458b566a20f89b43e7b2d0aa584.tar.gz
Fix self-write ACL for new domains to fix password changes by self (Bug #2678)
-rw-r--r--lib/Auth/LDAP.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 1d4531a..7736fd3 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -361,7 +361,7 @@ class LDAP extends Net_LDAP3 {
),
'aci' => array(
// Self-modification
- "(targetattr = \"" . implode(" || ", $self_attrs) . "\")(version 3.0; acl \"Enable self write for common attributes\"; allow (write) userdn=\"ldap:///self\";)",
+ "(targetattr = \"" . implode(" || ", $self_attrs) . "\")(version 3.0; acl \"Enable self write for common attributes\"; allow (read,compare,search,write) userdn=\"ldap:///self\";)",
// Directory Administrators
"(targetattr = \"*\")(version 3.0; acl \"Directory Administrators Group\"; allow (all) (groupdn=\"ldap:///cn=Directory Administrators," . $inetdomainbasedn . "\" or roledn=\"ldap:///cn=kolab-admin," . $inetdomainbasedn . "\");)",
// Configuration Administrators