2014-03-01 13:29 GMT+01:00 Michael Ströder <michael(a)stroeder.com>:
Cyril Grosjean wrote:
> pwdFailureTime should not exist or at least should not increase when
> pwdLocjout is false. So it looks to me like a bug, as you mentioned.
I strongly disagree. I don't use password failure lockout but I definitely
want to see pwdFailureTime appear!
I disagree too. It's not because you find it useful that it should not be
considered as a bug.
An entry that is not associated to a password policy (and no default
ppolicy configured) should not own any ppolicy operational attribute.
> When can we expect it to be fixed ?
There's no need for a fix. ITS#7788 is not a bug!
I find pwdFailureTime *very* useful for reporting login failure in a
component even without using slapo-ppolicy's lockout feature.
If you don't want pwdFailureTime then simply you should not load
No, if you want pwdFailureTime, you should configure a ppolicy for the
entry, or configure a default ppolicy.