[Date Prev][Date Next] [Chronological] [Thread] [Top]

Expected operation of pwdFailureCountInterval

To: openldap-technical@openldap.org
Subject: Expected operation of pwdFailureCountInterval
From: Tom Jay <web@tomjay.co.uk>
Date: Wed, 27 Feb 2019 11:05:16 +0800
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tomjay.co.uk; s=default; h=Message-ID:Subject:To:From:Date: Content-Transfer-Encoding:Content-Type:MIME-Version:Sender:Reply-To:Cc: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=fcJwHPOxm4uEVFfhSwK7M/bC07Om5LBKGIy75gSk1vs=; b=B2oIG3ThsgnPHEgG7NxgCuse9 zY2t2ewoKrFdHKyzpLY53lGNb85BTL6jMZLOJX4dpGmpKILONXBs276yMi9A55OOzpqdBvdcaPYq6 dfOl42VwDbB2JjIkUmX/IyanblHBdbIWZSq9hzu7ctcCPtpBtSwQFAjNre24mQCE2d4VFTmsshBYT gmNkDVZ2ebq8rmFdjorOZClM/lVf4nJAF0i38UAOBoFBPy8UNhBW4j4FGRMsJkrAhdg0NiSsB4tCF /8I1MWDa3p5Bfs3TgWsSPybfPWHBxuWTTMSFE49miFoOBvcksLp8tCoyTmWKOza49bA+OfcGp7m9R dsNHHUhYA==;
User-agent: Roundcube Webmail/1.3.6

Hello,

Can someone explain the expected operation of thepwdFailureCountInterval attribute please? The documentation seems to befairly clear, but if I add it to the password policy, along with someother attributes, the account remains locked, even after thepwdFailureCountInterval time. Despite authenticating with a validpassword, the pwdFailureTime entries remain and the account remainslocked.


These are the attributes in use:
pwdLockout: TRUE
pwdMaxFailure: 5
pwdFailureCountInterval: 1200

Thanks.

Tom

Follow-Ups:
- Re: Expected operation of pwdFailureCountInterval
  - From: Clément OUDOT <clement.oudot@worteks.com>

Prev by Date: Re: setting up openldap to proxy to AD on SUSE ENT 12
Next by Date: slapd-sock Overlay gives no RESULT on Successful BIND
Index(es):
- Chronological
- Thread