Hello,

I have a problem with the olcPPolicyForwardUpdates option, which seems not to be working: on master and slave, I configured Ppolicy with pwdLockout. When I try to connect to the master with a bad password, the pwdFailureTime attribute of the entry is successfully updated, but not if I do the same on the slave. On the slave, my ppolicy configuration is exactly the same as on the master, but I added olcPPolicyForwardUpdates=TRUE. I also configured the chain overlay and the updateref parameter on the database.

Extract of my slave configuration:

olcDatabase={1}mdb,cn=config
[...]
olcSyncrepl: [...]
olcUpdateRef: ldaps://ldap-master

olcOverlay={0}chain,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcChainConfig
objectClass: top
olcOverlay: {0}chain
olcChainReturnError: TRUE

olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={1}mdb,cn=config
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
objectClass: top
olcDatabase: {0}ldap
olcDbURI: ldaps://ldap-master
olcDbIDAssertBind: bindmethod=simple binddn="[same user used in
  olcSyncrepl of the database]" credentials="secret" mode=self
  olcDbRebindAsUser: TRUE

olcOverlay={1}ppolicy,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
objectClass: top
olcOverlay: {1}ppolicy
olcPPolicyHashCleartext: TRUE
olcPPolicyUseLockout: TRUE
olcPPolicyForwardUpdates: TRUE

Do you have any idea what I am doing wrong?

Thanks,

--
Benjamin Renard                  -                   Easter-eggs
44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37   -  mailto:bren...@easter-eggs.com
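
How an LDIF reader unfolds the chain database entry exactly as it is displayed above, as an added example that is not part of the original post. The `dn:` prefix on the first line and the helper names are assumptions; whether the indentation in front of `olcDbRebindAsUser` is in the real configuration or was introduced by mail wrapping cannot be told from the message.

```python
import re

# Constructed from the extract above, indentation kept as displayed.
# "dn: " is added so that every logical line has the form "name: value".
SAMPLE = """\
dn: olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={1}mdb,cn=config
objectClass: olcLDAPConfig
objectClass: olcChainDatabase
objectClass: top
olcDatabase: {0}ldap
olcDbURI: ldaps://ldap-master
olcDbIDAssertBind: bindmethod=simple binddn="[same user used in
  olcSyncrepl of the database]" credentials="secret" mode=self
  olcDbRebindAsUser: TRUE
"""

def unfold(text):
    """RFC 2849 folding: a line that starts with one space continues the
    previous line; exactly that one space is dropped when joining."""
    logical = []
    for raw in text.splitlines():
        if raw.startswith(" ") and logical:
            logical[-1] += raw[1:]
        elif raw.strip() and not raw.startswith("#"):
            logical.append(raw)
    return logical

def parse_entry(text):
    """Return {attribute: [values]} for one entry (plain values only, no base64)."""
    attrs = {}
    for line in unfold(text):
        name, _, value = line.partition(":")
        attrs.setdefault(name.strip(), []).append(value.strip())
    return attrs

def swallowed_attributes(attrs):
    """Find values that contain ' olcSomething: ', the trace left when an
    indented attribute line was folded into the value before it."""
    pattern = re.compile(r"\s(olc[A-Za-z]+):\s")
    return [(name, m.group(1))
            for name, values in attrs.items()
            for value in values
            for m in pattern.finditer(value)]

if __name__ == "__main__":
    entry = parse_entry(SAMPLE)
    print("olcDbRebindAsUser set:", "olcDbRebindAsUser" in entry)
    for holder, inner in swallowed_attributes(entry):
        print(f"{inner} was folded into the value of {holder}")
```

Running the same check on the output of a `cn=config` export shows whether the attribute exists on the server as its own value.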
