[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: comments on ldap password policy draft
At 05:10 PM 10/22/99 -0600, Jim Sermersheim wrote:
>pwdExpirationTime
You cannot recalculate pwdExpirationTime if they don't exist.
If you change the policy from no expiration to n seconds,
you have no reference point (excepting the current time) to
establish pwdExpirationTime values.
If you want to avoid the policy fetch for each bind, you
could store both a timestamp of last password modification
and the expiration time.
>>> pwdStorageScheme: SHA
>>Should be pwdDefaultStorageScheme.
You might apply s/pwdStorageScheme/pwdDefaultStorageScheme/g.
(that is, there are multiple occurrances of this typo).