Hi! I noticed that one user has multiple pwdGraceUseTime attributes like this: pwdGraceUseTime: 20190409095627Z pwdGraceUseTime: 20190605063107Z pwdGraceUseTime: 20190614121258Z pwdGraceUseTime: 20190723062401Z
I don't understand: Doesn't the pwdGraceUseTime record how long/often the user may login despite of an expired password? For the example given, I assume the user has changed the password a few time since the inital grace login. So aren't the older pwdGraceUseTime attributes removed after the password was changed? Or can this happen if some admin chnages the password using some plain replace operation? Regards, Ulrich
