[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with Password Policy Overlay - Password Reset

To: Shawn McKinney <smmtech2@sbcglobal.net>
Subject: Re: Problem with Password Policy Overlay - Password Reset
From: Howard Chu <hyc@symas.com>
Date: Tue, 16 Aug 2005 15:22:44 -0700
Cc: OpenLDAP-software@OpenLDAP.org
In-reply-to: <20050816180303.21463.qmail@web80723.mail.yahoo.com>
References: <20050816180303.21463.qmail@web80723.mail.yahoo.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050810 SeaMonkey/1.0a

Shawn McKinney wrote:

Running version 2.3.4 on Linux - RHE4.

2.3.5 has been released, and there are 2-3 minor fixes to ppolicy included. You should upgrade.

Experimenting with PPolicy Overlay features.  Password
reset usage question:
Is it OK for applications to modify user operational attribute pwdReset?

Yes.

When I set user's pwdReset flag to true, user can't
authenticate, exception returned:
Operations are restricted to
bind/unbind/abandon/StartTLS/modify password;
Insufficient access
This is fine as user's password has been reset and they will need to change it.

What do you mean by "user can't authenticate" ? Certainly they should still be able to Bind.

--
 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/

Follow-Ups:
- Re: Problem with Password Policy Overlay - Password Reset
  - From: Shawn McKinney <smmtech2@sbcglobal.net>

References:
- Problem with Password Policy Overlay - Password Reset
  - From: Shawn McKinney <smmtech2@sbcglobal.net>

Prev by Date: cachesize does not exceed 1000 entries
Next by Date: Re: LDAP replication with SLURPD
Index(es):
- Chronological
- Thread