[Date Prev][Date Next]
Re: (ITS#4978) slapo-ppolicy.5 and missing Zero value example
> firstname.lastname@example.org wrote:
>> On Mon, May 21, 2007 at 09:25:23PM +0000, ghenry@OpenLDAP.org wrote:
>>> draft-behera-ldap-password-policy-xx.txt and ppolicy.schema list:
>>> "A 000001010000Z value means that the account has been locked
>>> permanently, and
>>> that only a password administrator can unlock the account."
>>> But pwdAccountLockedTime doesn't use integerMatch, so an example of the
>>> syntax is needed with anything that has a generalizedTimeMatch. I think
>>> pwdAccountLockedTime is the only one?
>> The slapo-ppolicy(5) manpage is actually misleading. It implies that
>> the value is a plain zero, which doesn't work:
>> "If pwdAccountLockedTime is set to zero (0), the user's account (...)"
> That text in the manpage came from an earlier revision of the ppolicy
> draft; it just wasn't updated when the meaning was clarified in a later
> draft version. Looks like Gavin has fixed it in HEAD now.
Yes, sorry. I thought silence meant it was ok to go ahead.
This is my first ever commit, so I'll be a bit more patient next time ;-)
> -- Howard Chu
> Chief Architect, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/