Ldap password policy not throwing different errors

To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>

Subject: Ldap password policy not throwing different errors

From: Idan Fridman <idanf@cellebrite.com>

Date: Sun, 5 Jan 2014 15:13:51 +0000

Accept-language: en-US

Content-language: en-US

Thread-index: Ac8KKLGL9XOI5sLvRx++toMX5zgapQ==

Thread-topic: Ldap password policy not throwing different errors

Hi,

I use ppolicy overlay and enabled ppolicy_use_lockout to separate between invalid password and locked accounts.

database bdb

suffix "dc=openiam,dc=com"

rootdn "cn=Manager,dc=openiam,dc=com"

rootpw "{SSHA}2ttRoo/t5HuMT2nPxtI6goVUML5R2H9h"

# PPolicy Configuration

overlay ppolicy

ppolicy_default "cn=default,ou=policies,dc=openiam,dc=com"

ppolicy_use_lockout

ppolicy_hash_cleartext

I tried to lock user account by entering wrong password couple of times (pwdMaxFailure)

The user is being locked but when I try to login again I still get the same error:

Invalid credentials (49)

Any idea why i am not getting diffrent error to disticnt between the cases?

thanks,

ray.

This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail.