Guillaume Rousse wrote:
The following ldif fragment: dn: uid=melancon,ou=saclay,ou=futurs,ou=users,dc=futurs,dc=inria,dc=fr changetype: modify replace: userpassword userpassword: XXXXX
replace: gidnumber gidnumber: 5050
replace: homedirectory homedirectory: /home/gravite/melancon
delete: pwdAccountLockedTime
causes the server to choke with error: ldapmodify: No such attribute (16) additional info: modify/delete: pwdAccountLockedTime: no such attribute
However, when removing other changes, and keeping only pwdAccountLockedTime deletion, everything works OK....
You likely 1. enabled slapo-ppolicy, 2. set the userPassword attribute and 3. disabled slapo-ppolicy afterwards.
Since schema declaration of attribute type pwdAccountLockedTime is hard-coded in slapo-ppolicy and slapo-ppolicy also sets this operational attribute you now have an entry which contains an attribute for which no schema information is available anymore.
This also happened to me when having a master with slapo-ppolicy enabledn and having a consumer replica with slapo-ppolicy disabled.
Ciao, Michael.