> Samuel Tran wrote: >> Hi all, >> >> I am testing the password policy in OL 2.3.7 on a Debian Linux Sarge >> server. >> >> I managed to lock an account after intentionally binding with a wrong >> password 3 times. Now how can I unlock the account? I looked at the man >> page for slapo-ppolicy and the draft-behera-ldap-password-policy-xx.txt >> file. But couldn't find anything. >> > Between 2.3.6 and 2.3.7 I made a schema change to follow draft-09 of the > password policy spec. It appears this was a bad idea, as it prevents you > from deleting the pwdAccountLockedTime attribute. (In the development > source, you can use the ManageDIT control to accomplish it, but this > control wasn't enabled in the Release code.) If you grab the current > ppolicy.c from CVS HEAD this problem is fixed, some of the draft-09 > schema changes are undone so that you can still manipulate these > attributes. > > Also with the version in CVS, resetting the password automatically > unlocks the account. >
Thanks Howard! I am liking the ppolicy a lot! I cannot wait for the release of 2.3.8. Regards, Sam
