[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy pwdreset problem

To: openldap-software@openldap.org
Subject: Re: ppolicy pwdreset problem
From: "Svend Sorensen" <ssorensen@gmail.com>
Date: Fri, 27 Apr 2007 12:57:59 -0700
Content-disposition: inline
In-reply-to: <237676.69461.qm@web57106.mail.re3.yahoo.com>
References: <237676.69461.qm@web57106.mail.re3.yahoo.com>

On 4/26/07, aleem bagwan wrote:

  I m using openldap-2.3.4 version with ppolicy enabled. I have a problem
with the reset feature. If i set pwdReset and pwdMustChange attribute for a
user, say testuser, I can see that it works as expected using ldapsearch
command ie  it never allows u to login & asks u to modify the password.


Here you binding and attempting a search with a reset password...

Now
for the problem: At the client side(say PHP), If i bind to the server using
testuser and resetted password, i m allowed to log in..How is that
possible...it should not work that way..right..It should emulate
ldapsearch..am i right?


..and here you are just binding, I expect.  With pwdReset set, you can
bind (and change your password), but you cannot perform searches.

References:
- ppolicy pwdreset problem
  - From: aleem bagwan <aleem_hescorp@yahoo.com>

Prev by Date: Re: LDAP authenticaton against PAM how-to
Next by Date: Re: How long should replication take?
Index(es):
- Chronological
- Thread