Guillaume Rousse wrote: > The following ldif fragment: > dn: uid=melancon,ou=saclay,ou=futurs,ou=users,dc=futurs,dc=inria,dc=fr > changetype: modify > replace: userpassword > userpassword: XXXXX > - > replace: gidnumber > gidnumber: 5050 > - > replace: homedirectory > homedirectory: /home/gravite/melancon > - > delete: pwdAccountLockedTime > > causes the server to choke with error: > ldapmodify: No such attribute (16) > additional info: modify/delete: pwdAccountLockedTime: no such > attribute > > However, when removing other changes, and keeping only > pwdAccountLockedTime deletion, everything works OK....
You likely 1. enabled slapo-ppolicy, 2. set the userPassword attribute and 3. disabled slapo-ppolicy afterwards. Since schema declaration of attribute type pwdAccountLockedTime is hard-coded in slapo-ppolicy and slapo-ppolicy also sets this operational attribute you now have an entry which contains an attribute for which no schema information is available anymore. This also happened to me when having a master with slapo-ppolicy enabledn and having a consumer replica with slapo-ppolicy disabled. Ciao, Michael.
