[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with Password Policy Overlay - Password Reset



Running version 2.3.4 on Linux - RHE4.

Experimenting with PPolicy Overlay features.  Password
reset usage question:

Is it OK for applications to modify user operational
attribute pwdReset?  

When I set user's pwdReset flag to true, user can't
authenticate, exception returned:
Operations are restricted to
bind/unbind/abandon/StartTLS/modify password;
Insufficient access

This is fine as user's password has been reset and
they will need to change it.

My problem is when I change user's password, I have to
reset the pwdReset flag to FALSE.   Anytime I do this,
the slapd process does not allow any operations by any
user until I restart.  

For example.  After clearing a user's pwdReset flag, a
different user can't search, even if this different
user is administratorin this case the user is root.

I get same error:
error result (50); Operations are restricted to
bind/unbind/abandon/StartTLS/modify password;
Insufficient access