[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5040) modifyTimestamp being updated on login (bind) failure

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5040) modifyTimestamp being updated on login (bind) failure
From: hyc@symas.com
Date: Sun, 22 Jul 2007 14:39:10 GMT

dan.cushing@netideasinc.com wrote:
> Full_Name: Dan Cushing
> Version: 2.3.36
> OS: Solaris 9
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (71.76.187.82)
> 
> 
> When running OpenLDAP with the ppolicy overlay, the modifyTimestamp for a user
> entry is updated if the user attempts to login (bind) with an incorrect
> password.  This is happening because the password lockout feature is enabled and
> the operational attribute 'pwdFailureTime' is being updated.  It seems like this
> results in a misleading modifyTimestamp.  Is it intended that the
> modifyTimestamp attribute be updated when operational attributes are updated?

Hadn't really thought about it before. We can certainly avoid this though.
-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/

Prev by Date: Re: (ITS#5054) AVA in slapd-meta(5) and slapo-rwm(5)
Next by Date: ITS#5009 ldapsearch -C
Index(es):
- Chronological
- Thread