[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: replication delay problem



Clément OUDOT wrote:
> 2014-03-01 20:07 GMT+01:00 Michael Ströder <michael@stroeder.com>:
> 
>> Clément OUDOT wrote:
>>> An entry that is not associated to a password policy (and no default
>>> ppolicy configured) should not own any ppolicy operational attribute.
>>
>> Why?
>>
>> 'pwdFailureTime' is declared as
>>
>>   NO-USER-MODIFICATION
>>   USAGE directoryOperation
>>
>> and is not referenced in any object class at all.
> 
> But it is an operational attribute of password policy, and it is loaded
> with ppolicy overla.

So what?

Can you please point me to any text saying that 'pwdFailureTime' MUST NOT be
used if password lockout is not used and especially why?

>> In the context of this discussion you can only argue that it should or
>> should
>> not be replicated. But ITS#7788 is not a bug. It's just a certain
>> implementation.
> 
> It is your point of view, not mine. An OpenLDAP developer should give its
> own.

Yes, it's my personal view. Just like saying ITS#7788 is a bug is yours.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature