|
Hi, I exported some databases into LDIF files (db2ldif) and imported them in DS8.1 freshly installed. Then, I went to the "o=" subtree and activated password policy like this "Users much change their passwords after 1 day". I took a user in this subtree and changed the password. Normally, I should see a new attribute "PasswordExpirationTime" but it seems not. So, as a test, I created a new o= subtree like this: o=TestPwd,dc=test,dc=net Then, I created a new user inside it: ebobo After, I activated a password policy, I saw that two entries were created in this subtree like this: cn=nSPwPolicyContainer,o=TestPwd,dc=test,dc=net (two entries inside) "cn=nsPwPolicyEntry,o=TestPwd,dc=test,dc=net" (I can see this attr: passwordexp on) "cn=nsPwTemplateEntry,o=TestPwd,dc=test,dc=net" cn=nsPwPolicy_CoS,o=TestPwd,dc=test,dc=net I changed ebobo's password and I still doesn't see the new attribute "PasswordExpirationTime" in "Advanced properties" in the console. If I check on "Show all Allowd Attributes", I can see this attribute but it isn't set. I tried to set the PasswordExpirationTime myself in ebobo's account in this format: 200901011223Z but this account isn't de-activated because of the expiration time, I can still log-on on some sites with this account. I took a look in access/error logs and there were not errors, only normal operations. I can provide it if needed. I'm wondering if there's any other step to successfully activate the max age password policy ? Thank you! Live connected. Get Hotmail & Messenger for mobile. |
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
