--=-OBICNroNT6O1Nc+JWJc8 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello Michael,
noel debian.org wrote:
IMHO it is a bug that the ppolicy adds the PWDFAILURETIME attribute to D=
N's
which don't have a userPassword attribute and cannot get one.
Hmm, this is somewhat debatable. I'm not sure. But I also don't see any h=
arm
in the current behaviour. It's surely the client configuration which need=
s to
:(
be fixed.
In my case the behaviour is pollution my data with unneeded and unwanted data in ous which I want to prevent. I don't have control over the clients so sadly I cannot fix the source of the problem (the requests). The PWDFAILURETIME (and PWDACCOUNTLOCKEDTIME) is only useful when there is a userPassword: attribute ( when using pwdAttribute: userPassword). Is there any chance that the behaviour is accepted as a problem?
--=20 No=C3=ABl K=C3=B6the <noel debian.org> Debian GNU/Linux, www.debian.org
--=-OBICNroNT6O1Nc+JWJc8 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
--=-OBICNroNT6O1Nc+JWJc8--