On 02/28/2017 04:25 AM, Predrag Zečević - Technical Support Analyst wrote: > On 02/28/17 08:25 AM, tuan88@xxxxxxxxx wrote: >> h >>>> passwordHistory is not set in your policy config, thus it is not >>>> beingen forced: >> yes it is, i had set it the last many years >> pls see the screendump in my first thread >> >> Policy settings from GUI: >> www.chezmoi.dk/389-passwd-not-expire.png >> >> bt Tuan >> _______________________________________________ >> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >> > > Hi all, > > I can confirm that something is wrong, also in 389-ds-base-1.3.5.14 > (e.g. also having same problem). Make sure you are NOT using Directory manager to change passwords. Directory manager bypasses password policies. > > Some users are not forced to change password although it has been > expired upon rules of our PP, and that is purely random situation... > Moreover, I have not found anything which might cause it. > > What would be best way to debug that (considering that it does not > happen so often, so switching debug log to any of values from > https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Configuration_and_Command-Line_Tool_Reference/error-logs.html > could be not so useful)? > > With best regards. > Predrag Zečević > _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
