[Issue 10379] New: lastbind change prevents ppolicy response from reaching accesslog

31 Jul 2025


      https://bugs.openldap.org/show_bug.cgi?id=10379
Issue ID: 10379
           Summary: lastbind change prevents ppolicy response from
                    reaching accesslog
           Product: OpenLDAP
           Version: unspecified
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: slapd
          Assignee: bugs@openldap.org
          Reporter: ondra@mistotebe.net
  Target Milestone: ---
When "lastbind on" and ppolicy are configured together, the pwdLastSuccess
update triggers an accesslog entry (using op->o_time, op->o_tincr), then
ppolicy_bind_response issues its own modification and since the time was copied
in lastbind, an entry of the same name already exists. This means the ppolicy
change is lost (and e.g. won't replicate).
Note that slapo-lastbind (=the contrib overlay) probably has the same impact.
-- 
You are receiving this mail because:
You are on the CC list for the issue.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Issue 10379] New: lastbind change prevents ppolicy response from reaching accesslog