[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4978) slapo-ppolicy.5 and missing Zero value example

<quote who="hyc@symas.com">
> ahasenack@terra.com.br wrote:
>> On Mon, May 21, 2007 at 09:25:23PM +0000, ghenry@OpenLDAP.org wrote:
>>> draft-behera-ldap-password-policy-xx.txt and ppolicy.schema list:
>>> "A 000001010000Z value means that the account has been locked
>>> permanently, and
>>> that only a password administrator can unlock the account."
>>> But pwdAccountLockedTime doesn't use integerMatch, so an example of the
>>> above
>>> syntax is needed with anything that has a generalizedTimeMatch. I think
>>> pwdAccountLockedTime is the only one?
>> The slapo-ppolicy(5) manpage is actually misleading. It implies that
>> the value is a plain zero, which doesn't work:
>> "If pwdAccountLockedTime is set to zero (0), the user's account (...)"
> That text in the manpage came from an earlier revision of the ppolicy
> draft; it just wasn't updated when the meaning was clarified in a later
> draft version. Looks like Gavin has fixed it in HEAD now.

Yes, sorry. I thought silence meant it was ok to go ahead.

This is my first ever commit, so I'll be a bit more patient next time ;-)


> --
>    -- Howard Chu
>    Chief Architect, Symas Corp.  http://www.symas.com
>    Director, Highland Sun        http://highlandsun.com/hyc/
>    Chief Architect, OpenLDAP     http://www.openldap.org/project/