[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password policy can't replicate in openldap 2.4.8



I have created the lastlogintime attribute and lastfailurelogintime attribute (user defined attribute).

For each time I input the wrong password, I will also update the lastfailurelogintime attribute, then, after 3 failure attempt (I set 3 times login failure attempt in password policy), the attribute pwdAccountLockedTime will then be replicated.

It's strange.....



Gavin Henry wrote:

Paul Lee wrote:

Dear sir,

I found that the account policy can't be replicated in openldap 2.4.8

I setup 2 servers, with Mirror mode. Then, I added the password policy and some user accounts in server 1, I then startup server 2, the user accounts are replicated to server 2.


[snip]

mirrormode on
serverID   1

slapd.conf in server 2 :

# Password policy
overlay ppolicy
ppolicy_default "cn=default,ou=Policies,o=HKSARG"

overlay syncprov
#access to * by dn="cn=Manager" write by * read
access to * by * write
access to * by * read


Are these your only ACLs?

What do your logs indicate?



Confidential Communication - This e-mail (including any attachments) is confidential and may be legally privileged. If this e-mail has been sent to you by mistake please inform us by reply e-mail and then delete the e-mail, destroy any printed copy and do not disclose or use the information in it.