Clément OUDOT wrote: > 2014-03-01 20:07 GMT+01:00 Michael Ströder <michael@stroeder.com>: > >> Clément OUDOT wrote: >>> An entry that is not associated to a password policy (and no default >>> ppolicy configured) should not own any ppolicy operational attribute. >> >> Why? >> >> 'pwdFailureTime' is declared as >> >> NO-USER-MODIFICATION >> USAGE directoryOperation >> >> and is not referenced in any object class at all. > > But it is an operational attribute of password policy, and it is loaded > with ppolicy overla. So what? Can you please point me to any text saying that 'pwdFailureTime' MUST NOT be used if password lockout is not used and especially why? >> In the context of this discussion you can only argue that it should or >> should >> not be replicated. But ITS#7788 is not a bug. It's just a certain >> implementation. > > It is your point of view, not mine. An OpenLDAP developer should give its > own. Yes, it's my personal view. Just like saying ITS#7788 is a bug is yours. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature