Aaron,
I went through both paths. I tried the "userid" route on the DB and on a client. Still nothing. Then, I went back and created a simple inetaccountperson cn with the user password set to the password, still debugging is showing that the ppolicy overlay is being applied. Is this due to the fact that ppolicy is applied at the userpassword attribute and I still have a userpassword attribute in this account.
Nothing, it's still giving me invalid credentials on an expired password.
Paul
-----Original Message----- From: Aaron Richton [mailto:richton@nbcs.rutgers.edu] Sent: Mon 8/27/2007 5:20 PM To: Paul J. Pathiakis Cc: openldap-software@openldap.org Subject: RE: Syncrepl and proxyAgent password expiration
Something is clearly feeding
ppolicy_bind: Entry cn=proxyAgent,ou=Profile,dc=eagleaccess,dc=com
to your server. If you're looking to deprecate that and make a new DN starting "uid=proxyAgent", you're going to have to change everything that has the old one.
On Mon, 27 Aug 2007, Paul J. Pathiakis wrote:
Hi,
just as someone was answering the question, I got the second part of it by just using the rootdn of the master provider. (I went back to square one and wiped everything on the consumer.) Now, I'm stuck with a "simple" problem of the Solaris 9 clients in my network coming back with the Error 49 problem of invalid credentials. I've created a security object for the proxyAgent and I'm trying to initialize its use. However, this now has a userid attribute instead of cn. Is this going to cause me any grief?
Thank you,
Paul Pathiakis