5 Oct
2012
5 Oct
'12
9:16 a.m.
Clément OUDOT wrote:
2012/10/5 Guillaume Rousse guillomovitch@gmail.com:
Le 05/10/2012 16:50, Jason Cwik a écrit : AFAIK, pwdReset TRUE just prevent the user to perform operation on the directory, but doesn't change anything on the bind operation. It means non-ppolicy aware client (apache mod_ldap, for instance) wont notice anything...
Right. You still can :
- BIND
- MODIFY userPassword attribute
These operations are required to change a password...
Yes, and BIND is the operation required to login to other systems. So user won't notice anything if the LDAP client does not honor the ppolicy response control.
Ciao, Michael.