I'm using perLDAP to update an LDAP directory. The password policy is set to require a password life of 90 days. Unfortunately, my customer wants new accounts to be pre-expired. I have the code set to set the attribute passwordexpirationtime to a date in the past. It works most of the time, but sometimes, the passwordexpirationtime has two values, one that I set, and one 90 days out. As near as I can tell, there is one value for this attribute while it is under my control, but at some point in the future it gets mucked up. This is with perLDAP version 1.4, which I thought was pretty robust.
Any suggestions??
