Hi,
I use ppolicy overlay and enabled ppolicy_use_lockout to separate between
invalid password and locked accounts on openldap.
database bdb
suffix "dc=openiam,dc=com"
rootdn "cn=Manager,dc=openiam,dc=com"
rootpw "{SSHA}2ttRoo/t5HuMT2nPxtI6goVUML5R2H9h"
# PPolicy Configuration
overlay ppolicy
ppolicy_default "cn=default,ou=policies,dc=openiam,dc=com"
ppolicy_use_lockout
ppolicy_hash_cleartext
I tried to lock a user account by entering a wrong password couple of times
(pwdMaxFailure)
The user is being locked but when I try to login again I still get the same
error:
Invalid credentials (49)
the slapo-ppolicy(5) main page states quite clearly that ppolicy_use_lockout
only affects the ppolicy response control. CAS must Bind using the ppolicy
request control in order to generate this result code.
Is cas binding this way?
thanks.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
