[Date Prev][Date Next]
Re: (ITS#5648) ppolicy controls entries without objectclass pwdPolicy
Michael Ströder <email@example.com> writes:
> firstname.lastname@example.org wrote:
>> man slapo-ppolicy(5) says that the overlay depends on objectclass pwdPolicy and
>> Every account that should be subject to password policy control should have
>> But ppolicy is controlling every enty, even those without attribute pwdPolicy
>> and attribute pwdPolicySubentry.
>> I have created a test entry, which is not subject to password policy but got
>> locked out after 3 binds with wrong password.
> Do you have 'ppolicy_default' set in slapd.conf?
> What happens if you remove that?
Yes, I do have
but this should only be applicable if the entry belongs to
objectclass pwdPolicy but not without objectclass pwdPolicy
Dieter Klünter | Systemberatung
GPG Key ID:8EF7B6C6