[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7766) Account unlocked in slave after two modifications on a master (overlay ppolicy)

To: openldap-its@OpenLDAP.org
Subject: (ITS#7766) Account unlocked in slave after two modifications on a master (overlay ppolicy)
From: coudot@linagora.com
Date: Mon, 16 Dec 2013 14:55:12 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Clément OUDOT
Version: 2.4.38
OS: GNU/Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (88.173.78.196)


I have a simple setup with a master (overlay syncprov + overlay ppolicy) and a
slave (syncrepl client, overlay ppolicy).

1. I lock my account in the slave
2. I change the description attribute of my account a first time in the master
3. My account is still locked in the slave
4. I change the description attribute of my account a second time in the master
5. My account is no more locked in the slave: the password policy operational
attributes pwdFailureTime and pwdAccountUnlockTime were erased by the one of the
master

Seems like a control is done the first time that syncrepl update the entry (the
first time, pwdAccountLockTime and pwdFailureTime are not erased), but the
second time the control is not done.

Prev by Date: (ITS#7765) Crash when adding syncrepl configuration in cn=config without search base
Next by Date: (ITS#7767) Connection not reset when olcDbUri value changed in cn=config (ldap backend)
Index(es):
- Chronological
- Thread