[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: deploying password policy module

Paul B. Henson wrote:
> Even without any active policies defined, the ppolicy overlay starts
> generating and replicating pwdFailureTime entries, and any replication
> consumer without the module also loaded breaks and stops replicating.
> I'm not sure what use it is to maintain pwdFailureTime entries for
> objects with no actual password policy in place, other than I suppose to
> retroactively apply a policy that might be added in the future based
> on historical authentication failures.

Sometimes it's handy to see when people had failed logins even if you don't
apply lockout policy.

You simply should not load slapo-ppolicy without also loading its schema.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature