[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap bind and password policy


i just added password policy overlay to our openldap servers (2.4.21)
it works fine in general. i can change password as user and it gets well replicated
between provider and consumer.

but since i added password policy i have a strange behaviour:
_i do a ldapsearch on the provider and type in a wrong password for the binding user,
then i get: ldap_bind: Invalid credentials (49) - as expected
_if i do the same on the consumer (type in wrong password for binding) ldapsearch
get me search results without to complain about wrong password. it just adds a pwdFailureTime
attribute on the provider and consumer. but i also expect to get a ldap_bind: Invalid credentials (49) error?

thx for any ideas!