I am trying to get version 3.5.2 with LPPE working against Active Directory. When I point ldap.authentication.lppe.dateAttribute to the pwdlastset attribute CAS bombs out with the following below. Any advice on how to get this work would be appreciated.
2013-10-15 15:03:43,423 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordPolicyEnforcer] - <Recalculated ActiveDirectory pwdLastSet attribute to 2013-06-04T16:23:46.000Z> 2013-10-15 15:03:43,424 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordPolicyEnforcer] - <Current date is 2013-10-15T19:03:43.424Z> 2013-10-15 15:03:43,425 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordPolicyEnforcer] - <Expiration date is 2013-09-02T16:23:46.000Z> 2013-10-15 15:03:43,446 ERROR [org.jasig.cas.adaptors.ldap.LdapPasswordPolicyEnforcer] - <Authentication failed because account password has expired with -43 to expiration date. Verify the value of the pwdLastSet attribute and make sure it's not before the current date, which is 2013-10-15T19:03:43.424Z> :Authentication failed because account password has expired with -43 to expiration date. Verify the value of the pwdLastSet attribute and make sure it's not before the current date, which is 2013-10-15T19:03:43.424Z Thanks, Steve -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
