Hi!
We are using using nsAccountLock=true to lock user accounts. We also
have dovecot authenticating users against the 389DS.
If we set nsAccountLock=true, then we get
Oct 20 14:39:30 SERVER dovecot: auth: Error:
ldap(USERNAME,193.X.Y.Z,<aaaaaaaaaaaaaaaa>): ldap_bind() failed: Server
is unwilling to perform
Oct 20 14:39:31 SERVER dovecot: auth:
ldap(USERNAME,193.X.Y.Z,<aaaaaaaaaaaaaaaa>): Falling back to expired
data from cache
Dovecot thinks the server is not working properly so it reads login info
from its cache and authentication succeeds.
Can I set 389DS to return a different response?
Something that says: "User is locked" or "Authentication failed"...
Kind regards, Mitja
--
--
Mitja Mihelič
ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia
tel: +386 1 479 8800, fax: +386 1 479 88 99
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
