Sun OpenSSO Enterprise 8.0 Update 1 Release Notes


When an administrator tries to change a user's password using the OpenSSO console or CLI or using the ldap-modify{}utility, if the following message is displayed in the OpenDS access log: "You do not have sufficient privileges to reset user passwords, " then the password-reset privilege is not configured.

In OpenDS, you must add the password-reset privilege and assign it to an administrator. In the following example, the administrator is named openssouser. This privilege enables the administrator to reset the passwords of other users in the directory. The password-reset privilege works in association with the OpenDS ACIs that are set in the target.