[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5373) ppolicy issues when deleting the password attribute, even if no password checking is enforced
Full_Name: Guillaume Rousse
Version: 2.3.40
OS: linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (193.55.250.67)
Here are my ppolicy settings:
password policy
overlay ppolicy
ppolicy_use_lockout
ppolicy_default cn=default,ou=policies,dc=futurs,dc=inria,dc=fr
Here is my default entry:
dn: cn=default,ou=policies,dc=futurs,dc=inria,dc=fr
cn: default
objectClass: pwdPolicy
objectClass: organizationalRole
pwdAttribute: userPassword
pwdMaxAge: 0
pwdInHistory: 0
pwdCheckQuality: 0
According to documentation, no user password quality checking should take
places, however, trying to delete userPassword attribute for an user triggers at
least a server error with this LDIF fragment:
dn: userdn
changetype: modify
delete: userPassword
ldapmodify: Internal (implementation specific) error (80)
additional info: Internal Error
Error message in logs: "cannot locate modification supplying new password"
Or worst, a server crash with this one:
dn: userdn
changetype: modify
replace: userPassword
No error message from ldapmodify, and no error message in the logs in this case.