I think it should return the pwexpired control. But according to this> Am I missing something? Anyone else have a cleaner way
> of determining that it's a grace period login?
http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-7.4
you should be able to determine how many grace logins are remaining?
Ok so I changed my code to request the passwordPolicy on bind and after lots of fun trying to figure out how to parse BER it does return the grace logins remaining during the grace period which is better than manually searching and figuring it out on my own but hopefully my bug will get fixed at some point.
Thanks,
Aaron Hagopian
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
