[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: pwdReset: TRUE not working
Clément OUDOT wrote:
> 2012/10/5 Guillaume Rousse <guillomovitch@gmail.com>:
>> Le 05/10/2012 16:50, Jason Cwik a écrit :
>> AFAIK, pwdReset TRUE just prevent the user to perform operation on the
>> directory, but doesn't change anything on the bind operation. It means
>> non-ppolicy aware client (apache mod_ldap, for instance) wont notice
>> anything...
>
> Right. You still can :
> - BIND
> - MODIFY userPassword attribute
>
> These operations are required to change a password...
Yes, and BIND is the operation required to login to other systems. So user
won't notice anything if the LDAP client does not honor the ppolicy response
control.
Ciao, Michael.