Hi, I am doing some experiements with account lockout password policy. The account is locked out after many wrong password tries. Then If bind with correct password, the result is #<OpenStruct extended_response=nil, code=19, error_message="Exceed password retry limit. Please try later.", matched_dn="", message="Constraint Violation"> if bind with wrong password, the result is #<OpenStruct extended_response=nil, code=49, error_message="", matched_dn="", message="Invalid Credentials"> So attacker can still continue to try/guess different passwords until he get the result of : code=19, error_message="Exceed password retry limit. Please try later.". Thank you. _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
