[Date Prev][Date Next]
Re: ppolicy and Access Control to operational Attributes
On Wednesday 06 April 2005 12:54, Howard Chu wrote:
> This is also ITS#3573. Yes, I believe those operational attributes
> need to be marked NO-USER-MODIFICATION but since the draft 7 spec
> doesn't define them this way, I haven't made the change. The same
> problem still remains in the draft 8 spec.
I am currently trying to prepare a patch (will submit an ITS later
today) to update the overlay code to the draft 8 spec. Here a brief
overview of the changes that I found:
- "pwdGraceLoginLimit" is now "pwdGraceAuthNLimit"
- "pwdExpirationWarned" does no longer exist
- Result codes for password update operations have been changed from
"unwillingToPerform" to "insufficientAccessRights"
> I believe making this change may cause other problems in a
> replication environment, but I don't remember the details. At any
> rate, there are lots of undefined/unspecified behaviors wrt
> replication here.
SUSE LINUX Products GmbH, Maxfeldstrasse 5, D-90409 Nuernberg
F: +49-911-74053575 - Ralf.Haferkamp@suse.com