[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ppolicy+syncrpl: pwd* attributes lost

To: "Chris G. Sellers" <Chris.Sellers@nitle.org>
Subject: Re: ppolicy+syncrpl: pwd* attributes lost
From: "Gavin Henry" <ghenry@OpenLDAP.org>
Date: Thu, 26 Jun 2008 21:22:10 +0100 (BST)
Cc: openldap-software List <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <4A8CB69F-E3A0-4375-BE19-5122465811FB@nitle.org>
Openpgp: id=796B1E87DB73BEA8
References: <8B41FFBB-E0D6-4FCC-A74D-B129E1D464FB@nitle.org> <4863947A.1070404@OpenLDAP.org> <4A8CB69F-E3A0-4375-BE19-5122465811FB@nitle.org>
User-agent: SquirrelMail/1.4.13-1.fc8

<quote who="Chris G. Sellers">
> Ok, I did find part of my error.  It was not explicitly named in the
> syncrepl statement.  I added pwdChangedTime and pwdHistory to the
> syncrepl attrs line and it does sync them now -- but only if they
> already exist.  The account does not have a pwdChangedTime, and you
> change the password on servera, serverb does not get the attribute
> populated.  I will have to monitor the logs to see.
>
> Thanks for making me think different about the problem.
>
>
> --line changed --
>
> attrs
> =
> "*,structuralObjectClass
> ,entryUUID
> ,entryCSN
> ,creatorsName
> ,createTimestamp,modifiersName,modifyTimestamp,pwdPolicySubentry"
>
>

Why not just leave it as default:

"The attrs list defaults to "*,+" to return all user and operational
attributes, and attrsonly is unset by default."

-- 
Kind Regards,

Gavin Henry.
OpenLDAP Engineering Team.

E ghenry@OpenLDAP.org

Community developed LDAP software.

http://www.openldap.org/project/

References:
- ppolicy+syncrpl: pwd* attributes lost
  - From: "Chris G. Sellers" <chris.sellers@nitle.org>
- Re: ppolicy+syncrpl: pwd* attributes lost
  - From: Gavin Henry <ghenry@OpenLDAP.org>
- Re: ppolicy+syncrpl: pwd* attributes lost
  - From: "Chris G. Sellers" <Chris.Sellers@nitle.org>

Prev by Date: Re: ppolicy+syncrpl: pwd* attributes lost
Next by Date: Re: ppolicy+syncrpl: pwd* attributes lost
Index(es):
- Chronological
- Thread