Between 2.3.6 and 2.3.7 I made a schema change to follow draft-09 of the password policy spec. It appears this was a bad idea, as it prevents you from deleting the pwdAccountLockedTime attribute. (In the development source, you can use the ManageDIT control to accomplish it, but this control wasn't enabled in the Release code.) If you grab the current ppolicy.c from CVS HEAD this problem is fixed, some of the draft-09 schema changes are undone so that you can still manipulate these attributes.Hi all,
I am testing the password policy in OL 2.3.7 on a Debian Linux Sarge server.
I managed to lock an account after intentionally binding with a wrong
password 3 times. Now how can I unlock the account? I looked at the man
page for slapo-ppolicy and the draft-behera-ldap-password-policy-xx.txt
file. But couldn't find anything.
-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc OpenLDAP Core Team http://www.openldap.org/project/