[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OL 2.3.7, ppolicy, how to unlock account?

> Samuel Tran wrote:
>> Hi all,
>> I am testing the password policy in OL 2.3.7 on a Debian Linux Sarge
>> server.
>> I managed to lock an account after intentionally binding with a wrong
>> password 3 times. Now how can I unlock the account? I looked at the man
>> page for slapo-ppolicy and the draft-behera-ldap-password-policy-xx.txt
>> file. But couldn't find anything.
> Between 2.3.6 and 2.3.7 I made a schema change to follow draft-09 of the
> password policy spec. It appears this was a bad idea, as it prevents you
> from deleting the pwdAccountLockedTime attribute. (In the development
> source, you can use the ManageDIT control to accomplish it, but this
> control wasn't enabled in the Release code.) If you grab the current
> ppolicy.c from CVS HEAD this problem is fixed, some of the draft-09
> schema changes are undone so that you can still manipulate these
> attributes.
> Also with the version in CVS, resetting the password automatically
> unlocks the account.

Thanks Howard!

I am liking the ppolicy a lot! I cannot wait for the release of 2.3.8.