RE: [EXT] Re: Q: Reset a locked user's password

23 Jun 2024


      Quanah,
thank you: Adding "-e relax" to ldapmodify did the trick.
Ulrich
...
-----Original Message-----
From: Quanah Gibson-Mount quanah@fast-mail.org
Sent: Friday, June 21, 2024 6:12 PM
To: Windl, Ulrich u.windl@ukr.de; openldap-technical <openldap-
technical@openldap.org>
Subject: [EXT] Re: Q: Reset a locked user's password
--On Friday, June 21, 2024 8:55 AM +0000 "Windl, Ulrich" u.windl@ukr.de
wrote:
...
ldap_modify: Constraint violation (19)
    additional info: pwdGraceUseTime: no user modification allowed


So what are the options (for the user himself and for an admin)?
This may behave differently in later OpenLDAP releases where ppolicy has
been significantly reworked.  It also may be possible in 2.4 (but I can't
say for sure) if you have manage access, and use both manage + relax.
--Quanah

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

RE: [EXT] Re: Q: Reset a locked user's password