Hi,   Currently I'm using Symas OPENLDAP 2.4.12.. It internally uses openLDAP 2.4.12 software   I'm able to populate users in openldap database. Following is LDIF File I'm using  ----- dn: dc=crmsldap,dc=company dc: crmsldap objectClass: dcObject objectClass: organization o: My company dn: ou=group,dc=crmsldap,dc=company objectClass: top objectClass: organizationalUnit ou: group dn: ou=people,dc=crmsldap,dc=company objectClass: top objectClass: organizationalUnit ou: people dn: ou=policies,dc=crmsldap,dc=company objectClass: top objectClass: organizationalUnit ou: policies dn: cn=default,ou=policies,dc=crmsldap,dc=company objectClass: top objectClass: device objectClass: pwdPolicy cn: default pwdAttribute: 2.5.4.35 pwdMinLength: 2 pwdMaxFailure: 2 pwdLockout: TRUE pwdCheckQuality: 2 pwdExpireWarning: 600 pwdGraceAuthNLimit: 2 pwdInHistory: 2 pwdLockoutDuration: 0 pwdSafeModify: FALSE dn: cn=admin,ou=group,dc=crmsldap,dc=company objectClass: top objectClass: posixGroup gidNumber: 100 dn: uid=admin,ou=people,dc=crmsldap,dc=company objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount cn:  administrator sn:  Administrator uid: admin userPassword: admin uidNumber: 1000 gidNumber: 100 homeDirectory: /home/admin pwdPolicySubentry:cn=default,ou=policies,dc=crmsldap,dc=company ---------- I have made all necassary changes to slapd.conf file After I give wrong password even 10 times. at the 11th time, if I give right password I'm able to login to openLDAP... Can somebody explain what is wrong in my LDIF File... Thanks Subbarao