‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday 5 March 2020 10:10, Dieter Klünter <die...@dkluenter.de> wrote:
> Am Wed, 04 Mar 2020 13:36:08 +0000 > schrieb Manuela Mandache manuela.manda...@protonmail.com: > > > Hello all, > > We have a directory running on OpenLDAP 2.4.44 with the ppolicy > > overlay on the main database. When a new entry with a userPassword > > defined is created, pwdChangedTime is not defined, so this initial > > userPassword never expires. > > The directory has been migrated from its OpenLDAP 2.3.34 instance > > (yes, we missed some steps...), and there the pwdChangedTime is set, > > and naturally equal to createTimestamp. > [...] > The password attribute value must be set by a password modify exented > operation in order to set password policy in effect, see man > slapo-ppolicy(5) > > -Dieter > Thank you for the answer. It's the change of behavior between OpenLDAP 2.3.34 and 2.4.44 which surprised me. Regards, Manuela
