Hi!

 

After a long time I checked the database dump I had created with slapcat in OpenLDAP 2.5.

I always thought that all attributes from the database were saved, but it seems some attributes related to password policy aren’t:

Specifically I cannot find the pwdChangedTime that is there when searching for it.

I also miss the pwdHistory, but the pwdPolicySubentry attribute is there.

 

When I compare the dump with the last one created with OpenLDAP 2.4, I see that those attributes (pwdChangedTime, pwdHistory) are still there.

 

That makes me wonder: Is it a bug in OpenLDAP, or is it a bug in my configuration? As I understand it, ACLs should not play a role for slapcat, right?

The command I’m using is “slapcat -o ldif-wrap=no -n $DBNUM -F $CONFDIR -g -l "$TMPFILE1”

 

Module load order is:

olcModuleLoad: {0}back_mdb.so

olcModuleLoad: {1}syncprov.so

olcModuleLoad: {2}accesslog.so

olcModuleLoad: {3}ppolicy.so

olcModuleLoad: {4}refint.so

olcModuleLoad: {5}pw-sha2.so

olcModuleLoad: {6}lastbind.so

 

 

 

Mit freundlichen Grüßen

Ulrich Windl

Klinikum der Universität Regensburg

IT / Infrastruktur

Franz-Josef-Strauß-Allee 11

D-93053 Regensburg

 

Tel: +49 941 944-13816

Softphone: +49 941 944-801142

FAX: +49 941 944-5882