>>Hi,
>>
>>I don't see a problem description anywhere in this email. What exactly
is the issue you are facing with ppolicy
Sorry. Essentially, I'm trying to replicate the tests done specifically
to test account lockout when you run 'make test' after compiling
openldap.
Here is a slapcat of my directory:
[root@dgovit-pap02 sbin]# ./slapcat
dn: dc=ttpua,dc=portal
dc: ttpua
objectClass: dcObject
objectClass: organizationalUnit
ou: TTPUA Portal
structuralObjectClass: organizationalUnit
entryUUID: f0a9c1ec-dd27-102a-9bfc-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000000#00#000000
dn: ou=users,dc=ttpua,dc=portal
ou: users
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b2c404-dd27-102a-9bfd-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000001#00#000000
dn: ou=system,ou=users,dc=ttpua,dc=portal
ou: system
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b3d042-dd27-102a-9bfe-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000002#00#000000
dn: ou=portal,ou=users,dc=ttpua,dc=portal
ou: portal
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b4b8c2-dd27-102a-9bff-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000003#00#000000
dn: ou=disabled,ou=portal,ou=users,dc=ttpua,dc=portal
ou: disabled
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b5a19c-dd27-102a-9c00-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000004#00#000000
dn: ou=active,ou=portal,ou=users,dc=ttpua,dc=portal
ou: active
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b663e8-dd27-102a-9c01-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000005#00#000000
dn: ou=pending,ou=portal,ou=users,dc=ttpua,dc=portal
ou: pending
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b750fa-dd27-102a-9c02-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000006#00#000000
dn: ou=roles,dc=ttpua,dc=portal
ou: roles
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b839e8-dd27-102a-9c03-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000007#00#000000
dn: ou=portal,ou=roles,dc=ttpua,dc=portal
ou: portal
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0b92a9c-dd27-102a-9c04-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000008#00#000000
dn: ou=policies,dc=ttpua,dc=portal
ou: policies
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0ba10ec-dd27-102a-9c05-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#000009#00#000000
dn: ou=portal,ou=policies,dc=ttpua,dc=portal
ou: portal
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: f0bafb4c-dd27-102a-9c06-3fef944328a2
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920191410Z
modifyTimestamp: 20060920191410Z
entryCSN: 20060920191410Z#00000a#00#000000
dn: cn=std,ou=portal,ou=policies,dc=ttpua,dc=portal
objectClass: pwdPolicy
objectClass: top
objectClass: device
cn: std
pwdAttribute: userPassword
pwdMaxAge: 7516800
pwdExpireWarning: 432000
pwdInHistory: 6
pwdCheckQuality: 1
pwdMinLength: 8
pwdMaxFailure: 4
pwdLockout: TRUE
pwdLockoutDuration: 1920
pwdGraceAuthNLimit: 0
pwdFailureCountInterval: 0
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: TRUE
structuralObjectClass: device
entryUUID: b0976292-dd29-102a-8aff-4f205a2326f4
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920192642Z
modifyTimestamp: 20060920192642Z
entryCSN: 20060920192642Z#000000#00#000000
dn: ou=testing,ou=portal,ou=users,dc=ttpua,dc=portal
ou: testing
objectClass: top
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: badddc52-dd30-102a-8afe-613291c80c74
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920201706Z
entryCSN: 20060920201706Z#000000#00#000000
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifyTimestamp: 20060920201706Z
dn: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
objectClass: top
objectClass: person
sn: scoobydoo
cn: scoobydoo
structuralObjectClass: person
entryUUID: 56d4aa34-dd39-102a-93bd-2d2088fc7504
creatorsName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
createTimestamp: 20060920211843Z
entryCSN: 20060920211922Z#000000#00#000000
modifiersName: cn=scoobydoo,ou=system,ou=users,dc=ttpua,dc=portal
modifyTimestamp: 20060920211922Z
dn: cn=test,ou=portal,ou=policies,dc=ttpua,dc=portal
objectClass: pwdPolicy
objectClass: top
objectClass: device
cn: test
pwdAttribute: userPassword
pwdMaxAge: 360
pwdExpireWarning: 120
pwdInHistory: 3
pwdCheckQuality: 1
pwdMinLength: 8
pwdMaxFailure: 3
pwdLockout: TRUE
pwdLockoutDuration: 60
pwdFailureCountInterval: 120
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: TRUE
pwdGraceAuthNLimit: 3
structuralObjectClass: device
entryUUID: dde41790-ddb0-102a-9d8f-2524a04c2d05
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20060921113420Z
modifyTimestamp: 20060921113420Z
entryCSN: 20060921113420Z#000000#00#000000
dn: cn=webuser,ou=portal,ou=roles,dc=ttpua,dc=portal
objectClass: top
objectClass: person
objectClass: organizationalPerson
sn: webuser
cn: webuser
structuralObjectClass: organizationalPerson
entryUUID: 6ae140ba-de0a-102a-8cfb-0b9650b2dbbe
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20060921221522Z
entryCSN: 20060921221522Z#000000#00#000000
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
modifyTimestamp: 20060921221522Z
dn: cn=lnelson,ou=active,ou=portal,ou=users,dc=ttpua,dc=portal
uid: 1
objectClass: organizationalPerson
objectClass: inetOrgPerson
givenName: Lamont
sn: Nelson
cn: lnelson
structuralObjectClass: inetOrgPerson
entryUUID: 5ca463c6-e0fb-102a-9d43-93b4dcc2b715
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20060925160509Z
userPassword:: cGFzc3dvcmQxMjM=
entryCSN: 20060925170645Z#000000#00#000000
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
modifyTimestamp: 20060925170645Z
dn: cn=User,ou=active,ou=portal,ou=users,dc=ttpua,dc=portal
uid: 2
objectClass: organizationalPerson
objectClass: inetOrgPerson
givenName: UA User
sn: UA
cn: User
structuralObjectClass: inetOrgPerson
entryUUID: b4f5dd42-e106-102a-9d44-93b4dcc2b715
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20060925172621Z
userPassword:: dHRwdWE=
entryCSN: 20060925172716Z#000000#00#000000
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
modifyTimestamp: 20060925172716Z
dn: cn=Rnewton,ou=active,ou=portal,ou=users,dc=ttpua,dc=portal
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: Newton
cn: Rnewton
structuralObjectClass: inetOrgPerson
entryUUID: d35e7c30-05d7-102b-9d47-93b4dcc2b715
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20061111135359Z
uid: 3
givenName: R Newton
userPassword:: ZGhzMXVh
entryCSN: 20061111135646Z#000000#00#000000
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
modifyTimestamp: 20061111135646Z
dn: cn=lnelson123,ou=pending,ou=portal,ou=users,dc=ttpua,dc=portal
supervisorName: test
o: test
telephoneNumber: test
street: test
sn: test
userPassword:: cGFzc1dPUkQxMjMh
city: test
givenName: test
mail: test
objectClass: dfittpuser
accessReason: test
postalCode: test
supervisorEmail: test
cn: lnelson123
title: test
businessCategory: test
st: AR
structuralObjectClass: dfittpuser
entryUUID: 1c673d44-3bf3-102b-912c-2d95986cd7a9
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20070119102521Z
entryCSN: 20070119102521Z#000000#00#000000
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
modifyTimestamp: 20070119102521Z
dn: cn=Username,ou=pending,ou=portal,ou=users,dc=ttpua,dc=portal
supervisorName: Supervisor's Name
o: Employer Name
telephoneNumber: Professional Phone Number
street: Professional Street Address
sn: Last Name
userPassword:: cGFzc1dPUkQxMjMh
city: City
givenName: First Name
mail: Professional Email Address
objectClass: dfittpuser
accessReason: Reason for requesting access
postalCode: Zip Code
supervisorEmail: Supervisor's Email Address
cn: Username
title: Title
businessCategory: Job Title
st: DE
structuralObjectClass: dfittpuser
entryUUID: 695d0502-3bf3-102b-912d-2d95986cd7a9
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20070119102730Z
entryCSN: 20070119102730Z#000000#00#000000
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
modifyTimestamp: 20070119102730Z
dn: cn=tuser,ou=testing,ou=portal,ou=users,dc=ttpua,dc=portal
userPassword:: e1NIQX1XNnBoNU1tNVB6OEdnaVVMYlBnekczN21qOWc9
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
sn: User
cn: tuser
structuralObjectClass: inetOrgPerson
entryUUID: 15847d74-3bf4-102b-912f-2d95986cd7a9
creatorsName: cn=scoobydoo,dc=ttpua,dc=portal
createTimestamp: 20070119103219Z
pwdPolicySubentry: cn=test,ou=portal,ou=policies,dc=ttpua,dc=portal
entryCSN: 20070119103245Z#000000#00#000000
modifiersName: cn=scoobydoo,dc=ttpua,dc=portal
modifyTimestamp: 20070119103245Z
So, as test022-policy does, I should be able to lock myself out after 3
unsuccessful attempts..
./ldapsearch -x -b "dc=ttpua,dc=portal" -P 3 -LLL -e ppolicy -h
localhost -D cn=tuser,ou=testing,ou=portal,ou=users,dc=ttpua,dc=portal
-w badpassword
I do that 3 times, and after third attempt,I should receive a response
back from the server indicating that my acct is locked out. But I don't
and if I use the correct password for the account, I am able to
authenticate and my search returns data.
Also, when I start up my ldap server, I get the following error:
Stopping slapd: [ OK ]
Checking configuration files for slapd: WARNING: No dynamic config
support for overlay ppolicy.
config file testing succeeded
Starting slapd:
So I'm not sure whats wrong here. This is already long so I don't want
to respost my slapd.conf.