On Sat, Nov 21, 2015 at 4:25 AM, Kiran Ayyagari
wrote:
> On Sat, Nov 21, 2015 at 4:54 AM, Hal Deadman
> wrote:
>
> > I am trying to lock a user by a setting the pwdAccountLockedTime
> > to 0101Z but I only seem to be able to do that as admin,
On Sat, Nov 21, 2015 at 7:50 PM, Jim Willeke wrote:
> Does ApacheDS support the pwdEndTime from
> https://tools.ietf.org/html/draft-behera-ldap-password-policy-10 ?
>
it does
>
> This attribute specifies the time the entry's password becomes invalid for
> authentication.
Does ApacheDS support the pwdEndTime from
https://tools.ietf.org/html/draft-behera-ldap-password-policy-10 ?
This attribute specifies the time the entry's password becomes invalid for
authentication. Authentication attempts made after this time will fail,
regardless of expiration or grace
I am trying to lock a user by a setting the pwdAccountLockedTime
to 0101Z but I only seem to be able to do that as admin, not as
another user with an ACI granting them all rights to all user attributes. I
realize pwdAccountLockedTime is an operational attribute so that makes
sense.
Two