[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#7766) Account unlocked in slave after two modifications on a master (overlay ppolicy)
- To: openldap-its@OpenLDAP.org
- Subject: (ITS#7766) Account unlocked in slave after two modifications on a master (overlay ppolicy)
- From: coudot@linagora.com
- Date: Mon, 16 Dec 2013 14:55:12 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Full_Name: Clément OUDOT
Version: 2.4.38
OS: GNU/Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (88.173.78.196)
I have a simple setup with a master (overlay syncprov + overlay ppolicy) and a
slave (syncrepl client, overlay ppolicy).
1. I lock my account in the slave
2. I change the description attribute of my account a first time in the master
3. My account is still locked in the slave
4. I change the description attribute of my account a second time in the master
5. My account is no more locked in the slave: the password policy operational
attributes pwdFailureTime and pwdAccountUnlockTime were erased by the one of the
master
Seems like a control is done the first time that syncrepl update the entry (the
first time, pwdAccountLockTime and pwdFailureTime are not erased), but the
second time the control is not done.