access to dn.regex="(.*,ou=(.+),jvd=([^,]+),o=hosting,dc=myhosting,dc=example)"     attrs=userPassword     by self write     by users write
"by users write" will allow any authenticated user to overwrite anyone's password. I'm guessing you really do *not* want this rule.
--Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration