On Wed, Nov 01, 2006 at 02:50:14PM +0100, Jo De Troy wrote: > > as far as I understand you should not be using the shadowAccount > objectClass attributes to get this behaviour but you should be > configuring the password policies instead. Hi all, Sorry to be a pest with this, but I am so close. I went back to using shadowAccount and have it all behaving just as I need with one acception. When a client uses successfully changes their password, the userPassword attribute is changed in LDAP, but the shadowLastChange is not updated to the current day, and the password is still being interpreted as expired. This occurs with FDS 1.0.2 and 1.0.3. So I am not chasing an unattainable goal, should shadowLastChange be getting updated at the same time and procedure as is userPassword? Thanks. -- - Kyle --------------------------------------------- kylet at panix.com http://www.panix.com/~kylet ---------------------------------------------
