Re: ppolicy.c module doesn't respect Draft policy
You should submit this to the ITS.
LABICHE Alexandre wrote:
Hello,
draft-behera-ldap-password-policy-xx.txt says:
5.3.2 pwdChangedTime
This attribute specifies the last time the entry's password was
changed. This is used by the password expiration policy. If this
attribute does not exist, the password will never expire.
And ppolicy.c overlay says contrary
/*
* Hmm. No password changed time on the
* entry. This is odd - it should have
* been provided when the attribute was
added.
*
* However, it's possible that it could be
* missing if the DIT was established via
* an import process.
*/
Debug( LDAP_DEBUG_ANY,
"ppolicy_bind: Entry %s does not
have valid pwdChangedTime attribute - assuming password expired\n",
e->e_name.bv_val, 0, 0);
pwExpired = 1;
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/