Openldap 2.4.39
Adding in policy in already running OpenLDAP installation. Mostly functional - I was locked out after failed password attempts as expected.
Existing user with password beyond expiration is an issue. It is extended grace logins as expected but when I try to change the password, I get an error which appears to be "error 16 - modify/delete: pwdGraceUseTime: no such attribute"
But there is that attribute.
# ldapsearch -x -h localhost '(uid=craig.white)' + Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=obscured> (default) with scope subtree # filter: (uid=craig.white) # requesting: + #
# craig.white, People, obscured dn: uid=craig.white,ou=People,dc=obscured entryUUID: c4ae47b4-c3e9-1033-8b0f-497efc42df64 creatorsName: cn=root,dc=obscured createTimestamp: 20140829170048Z pwdChangedTime: 20150730153646Z structuralObjectClass: inetOrgPerson pwdPolicySubentry: cn=personnelpp,ou=Policies,dc=obscured pwdGraceUseTime: 20150827230337Z pwdGraceUseTime: 20150827230344Z pwdGraceUseTime: 20150827230351Z pwdGraceUseTime: 20150827230430Z pwdGraceUseTime: 20150827230441Z pwdGraceUseTime: 20150827230847Z pwdGraceUseTime: 20150827230855Z pwdGraceUseTime: 20150827231032Z pwdGraceUseTime: 20150827231039Z pwdGraceUseTime: 20150828152032Z pwdGraceUseTime: 20150828152038Z pwdGraceUseTime: 20150828152404Z pwdGraceUseTime: 20150828152410Z pwdGraceUseTime: 20150828152527Z pwdGraceUseTime: 20150828152533Z pwdGraceUseTime: 20150828152643Z pwdGraceUseTime: 20150828152648Z pwdGraceUseTime: 20150828153349Z pwdGraceUseTime: 20150828153354Z pwdGraceUseTime: 20150828153619Z pwdGraceUseTime: 20150828153623Z entryCSN: 20150828154229.701657Z#000000#000#000000 modifiersName: cn=admin,dc=obscured modifyTimestamp: 20150828154229Z entryDN: uid=craig.white,ou=People,dc=obscured subschemaSubentry: cn=Subschema hasSubordinates: FALSE
# search result search: 2 result: 0 Success
# numResponses: 2 # numEntries: 1
Why won't it let me change my password?
Craig White System Administrator O 623-201-8179 M 602-377-9752
[cid:image001.png@01CF86FE.42D51630]
SkyTouch Technology 4225 E. Windrose Dr. Phoenix, AZ 85032
