logoUserbooster Forum

Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

EJP
#1 Posted : Monday, December 5, 2016 7:11:04 AM(UTC)
EJP

Rank: Advanced Member

Groups: Registered
Joined: 6/21/2011(UTC)
Posts: 75

Was thanked: 2 time(s) in 2 post(s)
From the ppolicy draft RFC, #8.2.7. Policy State Updates:

If the steps have completed without causing an error condition, the
server performs the following steps in order to update the necessary
password policy state attributes:

If the value of either pwdMaxAge or pwdMinAge is non-zero, the server
updates the pwdChangedTime attribute on the entry to the current
time.

If the value of pwdInHistory is non-zero, the server adds the
previous password (if one existed) to the pwdHistory attribute. If
the number of attributes held in the pwdHistory attribute exceeds the
value of pwdInHistory, the server removes the oldest excess
passwords.

If the value the pwdMustChange is TRUE and the modification is
performed by a password administrator, then the pwdReset attribute is
set to TRUE. Otherwise, the pwdReset is removed from the user's
entry if it exists.


I've never been able to get some of this to work, specifically 'If the value the pwdMustChange is TRUE and the modification is performed by a password administrator, then the pwdReset attribute is set to TRUE.' There is no code to implement this feature in ppolicy.c. Is there any plan to change this?

I do realize this should be submitted to OpenLDAP but you guys are so good at fixing things ... ;-)
Users browsing this topic
Guest (2)
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Powered by YAF | YAF © 2003-2017, Yet Another Forum.NET
This page was generated in 0.093 seconds.