Hi guys, We need to implement password expiration because of some policy. The problem is users are not able to bind to ldap anymore, after I switch on password expiration for our ou=People subtree . The ldap command line tools and 389-console both just hang forever when trying to connect. This happens even when the user changes the password right before switching on the password expiration so the password cannot be expired yet. When I use the wrong password, then I get "ldap_bind: Invalid credentials (49)", but when I use the correct password, then it's just a hang. If I switch off password expiration then everything returns to normal again. I've followed the guide at https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/User_Account_Management.html#Configuring_the_Password_Policy-Configuring_a_SubtreeUser_Password_Policy_Using_the_Console I've tried both 389ds 1.2.11.32 on CentOS 6 and 389ds 1.3.2.23 on Fedora 20 with the same results. Is password expiration working in 389ds at all? Thanks in advance, Paul Tobias -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
