I'd like to add one clarification to this message. I named the attached test script that illustrates the two RESULT messages problem test099-ppolicy-update, per Howard's previous advice not to duplicate existing names. But I just realized that this script relies on the same data files that I previously submitted (slapd-ppolicy.conf, ppolicy.ldif) so when running this script please ensure that those files are in place.

Thanks, -Kartik On 02/02/2011 11:50 AM, Kartik Subbarao wrote: >>> Another problem is that bind operations to the consumer server start to > >> return two result messages -- one with the error code of the chained > >> operation, and one with the error code of the bind operation. > > I'm continuing to see this problem, even after I fix the acl-bind and > the 'manage' ACL configuration. See the attached for an updated test > script that illustrates the problem -- I've added a bind with an > incorrect password which should return 49, but instead is returning 0 to > the client. > > The last line of output from the test script is: > > ldap bind operation returned 0, expected 49 > > For the relevant operation in slapd.2.log, I see the following: > > conn=1003 op=0 RESULT tag=103 err=0 text= > [...] > conn=1003 op=0 RESULT tag=97 err=49 text= > > slapd is returning two RESULT messages for the BIND operation. Error 0 > seems to be from the successful chained modification of the > pwdFailureTime attribute, and Error 49 seems to be for the incorrect > password. > > -Kartik