[Date Prev][Date Next]
PPolicy overlay and hidden user attributes.
I'm playing with the password policy overlay and it seems to be working,
but I can't see any of the user attributes that the policy sets on an user
object in my ldapbrowser:
pwdChangedTime, pwdAccountLockedTime, pwdExpirationWarned,
pwdFailureTime, pwdHistory, pwdGraceUseTime, pwdReset,
I've turned off for testing all my access controls (left it to the
default: if no access controls are present, the default policy allows
anyone and everyone to read anything) and I'm bound as the administrator
defined in my slapd.conf.
I'm using the test schema for password policies as a baseline. I can
upload the ppolicy.ldiff into my server and I know all the schema is
active as it doesn't give any errors (pwdPolicySubEntry on the test object
Are these "internal" attributes? Is this normal behavior? Can I see these
attributes in my browser and edit them if needed? The issue that I face if
I implement these password policies is how can I tell by using
ldapbrowser an account has been locked out?
Just a bit confused on how to get to these objects,