[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with Password Policy Overlay - Password Reset

>2.3.5 has been released, and there are 2-3 minor
fixes >to ppolicy included. You should upgrade.

Thanks, I have done this just today.  My problem

>What do you mean by "user can't authenticate" ?
>Certainly they should still be able to Bind

Yes you are correct.  User with pwdReset flag set to
"TRUE", may subsequently authenticate.  My problem
occurs later, after I clear the pwdReset flag on
user's operational attribute.  (To clear the pwdReset
flag, I set to a value of "FALSE").
Subsequent LDAP operations generate this error:

"error result (50); Operations are restricted to
bind/unbind/abandon/StartTLS/modify password;
Insufficient access"

Regardless of operation or user.  IOW - every
subsequent operation I then perform on directory,
receives this error.

This holds true even for rootdn user operations.

The process remains in this state, until I restart
slapd, at which time it resumes normal operation.