Which OpenLDAP version? You can search for the message in source file servers/slapd/overlays/ppolicy.c
Reading the comment setting warn = 0 should not happen. Does uid=testuser,ou=domain,dc=org really have a correct 'pwdChanged' attribute value? Ciao, Michael. Ulrich Windl wrote: > Hi! > > Can someone explain what this message is actually saying: > slapd[3990]: ppolicy_bind: Setting warning for password expiry for > uid=testuser,ou=domain,dc=org = 0 seconds > > Does this mean a user who mistyped his password before logged in successfully > now? > > I saw no change to the LDAP database after this message, so what is changed, > and where is it cahnged? Also those "0 seconds" don't match my password > policy, which looks like this (still testing): > > -- > objectClass: namedObject > objectClass: pwdPolicy > cn: PP-Default > pwdAttribute: userPassword > pwdMinAge: 30 > pwdMaxAge: 86400000 > pwdInHistory: 3 > pwdCheckQuality: 1 > pwdMinLength: 8 > pwdExpireWarning: 604800 > pwdGraceAuthNLimit: 5 > pwdLockout: TRUE > pwdLockoutDuration: 1800 > pwdMaxFailure: 10 > pwdFailureCountInterval: 1209600 > pwdMustChange: TRUE > pwdAllowUserChange: TRUE > pwdSafeModify: FALSE > -- > > I'm running SLES11 SP3... > > Regards, > Ulrich
smime.p7s
Description: S/MIME Cryptographic Signature
