Paul B. Henson wrote: > Even without any active policies defined, the ppolicy overlay starts > generating and replicating pwdFailureTime entries, and any replication > consumer without the module also loaded breaks and stops replicating. > I'm not sure what use it is to maintain pwdFailureTime entries for > objects with no actual password policy in place, other than I suppose to > retroactively apply a policy that might be added in the future based > on historical authentication failures. Sometimes it's handy to see when people had failed logins even if you don't apply lockout policy. You simply should not load slapo-ppolicy without also loading its schema. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature