[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4148) fix for ITS 4134 reintroduces problem fixed in ITS 3980

Full_Name: Kevin Spicer
Version: 2.3.11 (+ ppolicy.c rev 1.68)
OS: Solaris 9
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

Slightly misleading subject...

The fix for ITS 3980 solved the problem of pwdGraceUseTime and
pwdAccountLockedTime not necessarily existing on a replica, causing the
replication to fail if these attrs needed deleting on the master.

The fix for ITS 4134 Deletes pwdFailureTime on the master if it exists.  This
now causes replication to fail if pwdFailureTime does not exist on the replica.

To reproduce...

Setup master and slave instances with ppolicy module.
Create user
attempt to bind to master as user with incorrect password
reset users password
observe that new password isn't replicated entry ends up in reject log with
ERROR: No such attribute: modify/delete: pwdFailureTime: no such attribute