[Date Prev][Date Next]
Re: (ITS#3980) ppolicy overlay replication problems
Ah right. Thanks for the feedback. Case 4 should now be fixed in HEAD.
Kevin Spicer wrote:
> Thanks for the fix Howard,
> Unfortunately it only solves three of the four cases in my original
> report. Case 4 remains unsolved.
> I'm thinking because this is a slightly different case, where
> pwdGraceUseTime exists on the replica but not on the master.
> The impact of this is that where a user is authenticating against a
> replica and locks themselves out due to exhausting grace logins then
> even after an administrator resets the password they will still be
> unable to bind to the replica.
> This was tested against 2.3.7 with ppolicy.c from HEAD
> On Sun, 2005-09-04 at 15:25 +0100, Howard Chu wrote:
>> Thanks for the report, a fix is now in CVS HEAD, please test.
>> email@example.com wrote:
>>> Just to add that I've just (remembered and) checked the slurpd
>>> file and am indeed seeing the password updates rejected because
>>> pwdGraceUseTime does not exist.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/