We are using SSL VPN and have LDAP for authentication. The VPN has an option for users to be able to change their password. I have read that in order for users to change their own LDAP password they need to have write access to the password Management attribute for their own object. When I check their rights I don't see anything that says password management. Is it the allow password change attribute? I noticed that this is already checked and says they have read, right, etc. Doesn't this option coincide with the password restrictions tab. The only thing I see is ndap password managment but from reading this isn't the correct one either.