Hello List, Being in the midst of evaluating and hopefully migrating to FDS soon. I have stumbled onto a odd problem. My user information is kept in the People container. We have been using shadowExpire / shadowLastChange fields. This all seems to work except when a user's account is ready to expire and is prompted to change their password. Using passwd, the user can change the password, but the system continues to prompt for a new password upon each successive login. Looking at the data, the shadowExpire / LastChange never get updated. I am also not seeing any errors being generated in the logs. I can manually update those fields and the problem goes away. But I guess I thought passwd / nss_ldap / pam would update those fields as needed. Looking in the docs, all I see is configuring a password policy. But that seems to be directed at users actually connecting to the directory via console / ldapsearch, etc.... Initially I thought I was having some ACI issues but I am really not sure. It could be that I need to drop the shadow stuff and configure the password policy? Advice or suggestions on what I am missing or where I have gone wrong? TIA -- Jim Summers School of Computer Science-University of Oklahoma -------------------------------------------------
