[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OL 2.3.7, ppolicy, how to unlock account?

To: "Howard Chu" <hyc@symas.com>
Subject: Re: OL 2.3.7, ppolicy, how to unlock account?
From: "Samuel Tran" <stran@amnh.org>
Date: Wed, 14 Sep 2005 21:00:24 -0400 (EDT)
Cc: "Samuel Tran" <stran@amnh.org>, "openldap" <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <4328B579.4040504@symas.com>
References: <1126725071.13144.13.camel@mistral> <4328B579.4040504@symas.com>
User-agent: SquirrelMail/1.4.4

> Samuel Tran wrote:
>> Hi all,
>>
>> I am testing the password policy in OL 2.3.7 on a Debian Linux Sarge
>> server.
>>
>> I managed to lock an account after intentionally binding with a wrong
>> password 3 times. Now how can I unlock the account? I looked at the man
>> page for slapo-ppolicy and the draft-behera-ldap-password-policy-xx.txt
>> file. But couldn't find anything.
>>
> Between 2.3.6 and 2.3.7 I made a schema change to follow draft-09 of the
> password policy spec. It appears this was a bad idea, as it prevents you
> from deleting the pwdAccountLockedTime attribute. (In the development
> source, you can use the ManageDIT control to accomplish it, but this
> control wasn't enabled in the Release code.) If you grab the current
> ppolicy.c from CVS HEAD this problem is fixed, some of the draft-09
> schema changes are undone so that you can still manipulate these
> attributes.
>
> Also with the version in CVS, resetting the password automatically
> unlocks the account.
>

Thanks Howard!

I am liking the ppolicy a lot! I cannot wait for the release of 2.3.8.

Regards,
Sam

References:
- OL 2.3.7, ppolicy, how to unlock account?
  - From: Samuel Tran <stran@amnh.org>
- Re: OL 2.3.7, ppolicy, how to unlock account?
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: TLS and GSSAPI problems
Next by Date: make test no. 8 fails (2.3.4) [auf Viren überprüft]
Index(es):
- Chronological
- Thread