We seem to have something odd going on with our password policy. I configured global password policy on our LDAPs so that all accounts under our userRoot subtree expire, then under the subtrees that contain our service accounts I configured to never expire. But I just noticed that the accounts under those subtrees actually have expiration date attributes. I went into one of the accounts and set the password policy explicitly on that account, but the attribute still shows that it is going to expire two days from now. So I'm waiting to see what happens in two days - will the password policy that I set for the subtree/user work, or will it expire because the attribute is set to make it expire. I'm kind of confused as to why it would even have that attribute set when the subtree is set to never expire. EJ -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
