[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RE : LDAP/PHP: Trying to add account -> text=attribute loginShell not allowed



>Maybe it's because you have -1 for ShadowMin and ShadowInactive. Try
>putting a positive value or not putting it at all just to see what it'll
>do.

According to my schema ShadowMin and ShadowInactive (along with all the 
shadow attributes) are in the MAY clause of the shadowAccount objectclass.  
So if you don't have any legitimate value, don't put a value it.  There is 
no need for place holders.  NSS/PAM will understand, as should any devent 
LDAP app.

-- 
-----------------------------------------------------------
Ximian GNOME, Evolution, LTSP, and RedHat Linux + LVM & XFS
-----------------------------------------------------------