Running version 2.3.4 on Linux - RHE4.2.3.5 has been released, and there are 2-3 minor fixes to ppolicy included. You should upgrade.
Yes.Experimenting with PPolicy Overlay features. Password reset usage question:
Is it OK for applications to modify user operational
attribute pwdReset?
What do you mean by "user can't authenticate" ? Certainly they should still be able to Bind.When I set user's pwdReset flag to true, user can't authenticate, exception returned: Operations are restricted to bind/unbind/abandon/StartTLS/modify password; Insufficient access
This is fine as user's password has been reset and
they will need to change it.
-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc OpenLDAP Core Team http://www.openldap.org/project/