[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7089) ppolicy adds PWDFAILURETIME to organizationalUnit

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#7089) ppolicy adds PWDFAILURETIME to organizationalUnit
From: noel@debian.org
Date: Mon, 21 Nov 2011 09:08:19 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

--=-OBICNroNT6O1Nc+JWJc8
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Hello Michael,

>noel debian.org wrote:
>> IMHO it is a bug that the ppolicy adds the PWDFAILURETIME attribute to D=
N's
>> which don't have a userPassword attribute and cannot get one.

> Hmm, this is somewhat debatable. I'm not sure. But I also don't see any h=
arm
> in the current behaviour. It's surely the client configuration which need=
s to

:(

> be fixed.

In my case the behaviour is pollution my data with unneeded and unwanted
data in ous which I want to prevent. I don't have control over the
clients so sadly I cannot fix the source of the problem (the requests).
The PWDFAILURETIME (and PWDACCOUNTLOCKEDTIME) is only useful when there
is a userPassword: attribute ( when using pwdAttribute: userPassword).
Is there any chance that the behaviour is accepted as a problem?

--=20
No=C3=ABl K=C3=B6the <noel debian.org>
Debian GNU/Linux, www.debian.org

--=-OBICNroNT6O1Nc+JWJc8
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEABECAAYFAk7KFRUACgkQ9/DnDzB9Vu2a8QCfdLgeqXZE6hgK5wy2Tk+bZCAZ
vMYAnA9UHtRGoukZcJ/KtvxHDZECFP6d
=91QP
-----END PGP SIGNATURE-----

--=-OBICNroNT6O1Nc+JWJc8--

Prev by Date: Re: (ITS#7092) Please re-open #6548 - Many "connection_read(): no connection!" warnings when using ldapi:/// and a bind DN (no external authentication)
Next by Date: (ITS#7093) test000-rootdse: line 66: kill: (5333) - No such process
Index(es):
- Chronological
- Thread