Full_Name: Angelo Rossini Version: OpenLDAP-LTB 2.4.44.1 OS: Debian 8 x86-64 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (130.186.19.204)
Hi,
I'm using the password policy overlay with this configuration:
pwdAttribute: userPassword pwdAllowUserChange: TRUE pwdCheckModule: /usr/local/openldap/lib64/check_password.so pwdCheckQuality: 2 pwdExpireWarning: 432000 pwdFailureCountInterval: 300 pwdGraceAuthNLimit: 0 pwdInHistory: 5 pwdLockout: TRUE pwdLockoutDuration: 120 pwdMaxAge: 63072000 pwdMaxFailure: 5 pwdMinAge: 0 pwdMinLength: 8 pwdMustChange: TRUE pwdSafeModify: TRUE
When I try to change the password and the password is one of the last five in history I find that attributes pwdChangedTime and modifyTimestamp have changed their values.
I think that this behaviour is quite strange, because I haven't changed anything on the entry.
Can someone explain me if is possible to avoid this behaviour?
Regards,
Angelo.