[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ppolicy module limited to catching 1 login failure per second?

> From: Michael Ströder
> Sent: Sunday, April 27, 2014 11:22 PM
> Yes, there's already an ITS present for that:
> http://www.openldap.org/its/index.cgi?findid=7161

Hmm, I see that was opened over two years ago and as of yet still has no
response :(.

It would appear the generalized time syntax the attribute is defined as
supports fractional seconds, and in the draft RFC I don't see any specific
requirement that the timestamp be at a per second granularity as opposed to
hundreds of a second or thousands of a second. I will need to go review the
actual code to see if this is something more complicated than it would
initially appear, but I think at this point I'm going to try to fix this
myself. Hopefully such an enhancement would be accepted into the official