I need some help understanding the difference between password policy for user versus subtree and where it needs to be set. Using the 389 console gui, I see that I can set the password policy under the configuration tab in the data section. I am thinking this creates a global policy? - but this did not lock out my test account after I told it to lock out after 5 failed password attempts. So I went to the directory tab, and on the subtree where my test account is located, used the subtree option to set the same password and lockout policy that I set under configuration tab. -- same result, my test account did not lock out. So then in the same directory tab subtree, I tried the user option, and same old same old - no lock out. Can anyone point me to where I am going wrong? If I go to my actual user account, I can lock myself out that way but that will get pretty old for 2000 users. thanks EJ -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
