On Tuesday 04 March 2008 07:56:26 Zhang Weiwu wrote: > Hello. I've been working on a system with low security requirement and > high usability requirement. I uses ppolicy overlay and enabled > ppolicy_use_lockout to avoid people gets confused when they failed to > login too many times: > > suffix "st=jiangxi,o=LGOP" > rootdn "userid=admin,st=jiangxi,o=LGOP" > rootpw [...] > overlay ppolicy > ppolicy_default "st=jiangxi,o=LGOP" > ppolicy_use_lockout > > Restart openldap server and test again by trying to bind with the wrong > password enough times (in my case, 20 times). Then try to bind with the > right password: > > ldapsearch -H ldap://gtz.ods.org/ -xD ou=江西省,st=jiangxi,o=LGOP -W > ou=*余干* areacode > ldap_bind: Invalid credentials (49)
Enable the ppolicy control with "-e ppolicy", and you will get the correct message. Regards, Buchan
