[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Can't modify pwdChangedTime as "admin"

To: openldap-technical@openldap.org
Subject: Re: Can't modify pwdChangedTime as "admin"
From: Dieter Klünter <dieter@dkluenter.de>
Date: Wed, 17 Aug 2016 11:37:28 +0200
In-reply-to: <CACtG2e3+-LH_6Y3dR-ixVSn1tXJ8Gnu4D_5HTHch6yXq60OKBg@mail.gmail.com>
Organization: AVCI
References: <CACtG2e3+-LH_6Y3dR-ixVSn1tXJ8Gnu4D_5HTHch6yXq60OKBg@mail.gmail.com>

Am Wed, 17 Aug 2016 10:46:58 +0200
schrieb "PenguinWhispererThe ." <th3penguinwhisperer@gmail.com>:

> Hi all,
> 
> I've noticed that after a password reset pwdChangedTime gets updated.
> 
> This is fine. We do have a policy in place that doesn't let you
> modify your password again within a few days.
> 
> I'd like to reset/change this pwdChangedTime so the user can reset his
> password himself after logging in with the supplied password. However
> deleting/modifying pwdChangedTime doesn't work.
> 
> How should I resolve this?
> I'm pretty sure this is not an ACL issue as my user matches the first
> entry and is allowed to write all.
> 
> I've seen some docs from IBM about removing pwdChangedTime being
> possible but that might not apply to openldap.
>
man slapo-ppolicy(5), read carefully the comments on pwdReset.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E

References:
- Can't modify pwdChangedTime as "admin"
  - From: "PenguinWhispererThe ." <th3penguinwhisperer@gmail.com>

Prev by Date: Can't modify pwdChangedTime as "admin"
Next by Date: replicator account password encrypted and entries are hidden in ldap viewer
Index(es):
- Chronological
- Thread