Full_Name: Dan Cushing
OS: Solaris 9
Submission from: (NULL) (220.127.116.11)
When running OpenLDAP with the ppolicy overlay, the modifyTimestamp for a user
entry is updated if the user attempts to login (bind) with an incorrect
password. This is happening because the password lockout feature is enabled and
the operational attribute 'pwdFailureTime' is being updated. It seems like this
results in a misleading modifyTimestamp. Is it intended that the
modifyTimestamp attribute be updated when operational attributes are updated?
Hadn't really thought about it before. We can certainly avoid this though.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/