[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4978) slapo-ppolicy.5 and missing Zero value example

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#4978) slapo-ppolicy.5 and missing Zero value example
From: ghenry@suretecsystems.com
Date: Tue, 22 May 2007 17:42:38 GMT

<quote who="hyc@symas.com">
> ahasenack@terra.com.br wrote:
>> On Mon, May 21, 2007 at 09:25:23PM +0000, ghenry@OpenLDAP.org wrote:
>>> draft-behera-ldap-password-policy-xx.txt and ppolicy.schema list:
>>>
>>> "A 000001010000Z value means that the account has been locked
>>> permanently, and
>>> that only a password administrator can unlock the account."
>>>
>>> But pwdAccountLockedTime doesn't use integerMatch, so an example of the
>>> above
>>> syntax is needed with anything that has a generalizedTimeMatch. I think
>>> pwdAccountLockedTime is the only one?
>>
>> The slapo-ppolicy(5) manpage is actually misleading. It implies that
>> the value is a plain zero, which doesn't work:
>> "If pwdAccountLockedTime is set to zero (0), the user's account (...)"
>
> That text in the manpage came from an earlier revision of the ppolicy
> draft; it just wasn't updated when the meaning was clarified in a later
> draft version. Looks like Gavin has fixed it in HEAD now.

Yes, sorry. I thought silence meant it was ok to go ahead.

This is my first ever commit, so I'll be a bit more patient next time ;-)

Thanks.

>
> --
>    -- Howard Chu
>    Chief Architect, Symas Corp.  http://www.symas.com
>    Director, Highland Sun        http://highlandsun.com/hyc/
>    Chief Architect, OpenLDAP     http://www.openldap.org/project/
>
>
>

Prev by Date: Re: (ITS#4958) slapd segfaults when overlay rwm, suffixmassage is used in conjunction with empty suffix
Next by Date: Re: (ITS#4979) Bad response when requesting bad attributes
Index(es):
- Chronological
- Thread