summaryrefslogtreecommitdiffstats
path: root/lib/Auth
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2013-12-16 12:38:31 +0100
committerAleksander Machniak <alec@alec.pl>2013-12-16 12:38:31 +0100
commita2ed69552bf9e45f91f1ef778e55bdcdcea783c0 (patch)
tree35158c1df75d6ef17624d88df273dff15ae8718b /lib/Auth
parent3bfd96b6a61985d5ad360f76ec865f15944fc7e9 (diff)
downloadwebadmin-a2ed69552bf9e45f91f1ef778e55bdcdcea783c0.tar.gz
Fix self-write ACL for new domains to fix password changes by self (Bug #2678)
Diffstat (limited to 'lib/Auth')
-rw-r--r--lib/Auth/LDAP.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 1d4531a..7736fd3 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -361,7 +361,7 @@ class LDAP extends Net_LDAP3 {
),
'aci' => array(
// Self-modification
- "(targetattr = \"" . implode(" || ", $self_attrs) . "\")(version 3.0; acl \"Enable self write for common attributes\"; allow (write) userdn=\"ldap:///self\";)",
+ "(targetattr = \"" . implode(" || ", $self_attrs) . "\")(version 3.0; acl \"Enable self write for common attributes\"; allow (read,compare,search,write) userdn=\"ldap:///self\";)",
// Directory Administrators
"(targetattr = \"*\")(version 3.0; acl \"Directory Administrators Group\"; allow (all) (groupdn=\"ldap:///cn=Directory Administrators," . $inetdomainbasedn . "\" or roledn=\"ldap:///cn=kolab-admin," . $inetdomainbasedn . "\");)",
// Configuration Administrators